Hiya,

As the total lamer I am I just managed to lock myself out of my debian box. (don't ask).
Anyway, as I need to re-install anyway I thought maybe I should change to freeBSD instead.

The box will mainly serve as a router/firewall for my home network of 3 computers.

I know have a bunch of questions that I was hoping that some of could answer:

*Generally, would freeBSD be thought of as more secure?
*Is there a fancy packaging system for freeBSD, like rpm or dpkg?
*Is it hard to configure? My thought here is that it doesn't matter how secure the OS could be if I can't configure it.
*Are there any easy and/or good firewalls for freeBSD?

Last but not least, I was hoping on getting some general thoughts and opinions on freeBSD as an OS, pros and cons.

Thanks,

Installing FreeBSD is not easy and not for the newbie. There is no fancy install and as far as security goes I would say OpenBSD is far more secure. To run the box as a firewall you wil need two nics and configure ipf.

Focmaester -
Where can you get Open BSD, does someone sell a cd box kit or is it a download?

If you wanna buy OpenBSD stuff and you live in Europe, www.kd85.com
or if you wanna download it then ftp.openbsd.org
3.0 is the newest version out, I would say download it rather then buying it if you just wanna give it a try.

thks. I have not worked with this version so am going to try and get it.

I have heard it before at several occasions, but how is it that openbsd is more secure? Isn't most of the security in the users, or the configuration made by them?

OpenBSD is so called "pro actively secure"
all code inserted is constantly tested before a new version is released.
Besides is secure by default, no services run until you have enabled them.

oh btw I forgot, there is a small BSD distro called ClosedBSD, it fits on a floppy and turns an old i386 into a firewall using ipfw.

www.closedbsd.org

Just to give FreeBSD its credit I ran 4.3 for awhile and it performed very well. It was considerably more difficult to configure than any *nix box I have set up. However it did handle my hardware better than any OS I've installed on my test box.

If freebsd is too difficult to use, GOOD LUCK with openbsd :)

I do not think freebsd is that difficult. If you have some linux experience, it is no problem. You can also use IPF for your freebsd firewall, I believe it is the default FW package in v4.5.

Freebsd is also very secure, although not quite as secure as openbsd, because in openbsd, all services are disabled by default. In freebsd, you will have to stop some services that are unnecessary, like sendmail. Also, do not install the inetd services during the install when prompted. all it really gives you is telnet, but I would suggest using SSH instead.

The installation of freebsd is also very easy in my opinion, the hardest part is creating the partition, but go out to their website, and there are some very good HOWTO's.

if you need any additional help, I would be more than happy...

Installing OpenBSD is very easy, just don´t ask about dual booting because then the hard part comes :)
I am not an expert on this matter to say that OpenBSD is more secure then FreeBSD, but if you are not a newbie then you would know how to close services you don´t need and secure a FreeBSD box. In OpenBSD everything is closed, you can´t even telnet to the box. SOme people might prefer this as a start.

i used to have freebsd 4.2 box running which i was very happy with. to be honest, i prefer freebsd as opposed to linux. i dont know why. i have a red hat box going, but i just enjoyed setting up the freebsd box more. yes it is more of a challenge, but well worth it. you have total control over the system and configuration, where as it seems that red hat has become a bit too commercial or mainstream for my tastes. it trys to shortcut everything, like windows does, so that the user really does not have to configure the system much at all. at least for installs. it is all a matter of personal opinion i suppose.

FreeBS rocks. OpenBSD is good too. I would start with FreeBSD. It has a step by step installation but after that you are on your own. It's pretty amazing how much you can harden FreeBSD and still have it usable. Most important of all is to have fun.

The installation of freebsd is also very easy in my opinion, the hardest part is creating the partition, but go out to their website, and there are some very good HOWTO's.

Really? The times I've tried installing it (I alway reinstall debian after three days or so), I've been really amazed that there is actually a default partition scheme if you wanna use it. I have never seen anything like it in linux. I actually wrote it down on paper to use when reinstalling debian.

You are right, you could just use auto partitioning..

The only problem for me is that i mainly use *bsd for FW's and IDS which requires lots of log space. /var at 256MB just doesn't cut it for me....lol

I was just trying to say that the install is really pretty easy, and I think the hardest part is determining proper partition size (although it is not that hard)

Oh...and I forgot to answer your question about the "fancy package system" in freebsd. There is one, and it is the best IMO...it is called the ports collection. You can either run /stand/sysinstall and go back to the setup screen to add packages, or you can just browse to any application directory under /usr/ports, from there, it is nothing more than a single command to install any package 'make install'

The latest package will be downloaded, compiled, and installed...all in one easy step ;)

freebsd ---> www.freebsd.org Most popular bsd variant, and easiest.
openbsd --> www.openbsd.org Most secure bsd variant
netbsd -----> www.netbsd.org Most portable bsd variant...Installs on just about any system.
closedbsd --> www.closedbsd.org Smallest bsd variant....All on floppy (no need for hard drive). This version is basically a firewall (like Foc said).

www.bsd.org Gives rateher dated (1999) information about bsd.

The only problem for me is that i mainly use *bsd for FW's and IDS which requires lots of log space. /var at 256MB just doesn't cut it for me....lol

Oh, that sucks. I thought it actually gave percentage of the space available to different partitions.

As for the packageing system it sounds really neat. I gotta get another box. ;)

i was on my first step installing FreeBSD an older version 3.3 for unix.
but i was looking for a reference manuals or some papers for help ....

should i stop this version and go to the next one 4.x what do u think ?

I would have to say that if you installed Debian, you should get FreeBSD working quite easily (not really a user-friendly install but not too hard either) and I must also say that getting a FreeBSD machine doing NAT is MUCH easier than getting a Debian box to do it (much more straightforward, nice chapter on that in the handbook)

I love the BSD's. OpenBSD is my favorite the only reason i dont run it my work is for 2 reasons.....it doesn't support SMP and java wont run on it.

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=220947#post470549) by linuxcomando
I love the BSD's. OpenBSD is my favorite the only reason i dont run it my work is for 2 reasons.....it doesn't support SMP and java wont run on it.

True, I didn´t know about the java part untile 2 weeks ago at Fosdem when OpenBSD people had a presentation. Only thing I use OpenBSD for is as a firewall at home. Since 3.0 it has pf instead of ipf.

Yep All i run is OpenBSD at home. Except i have a dual p3 system thats running freeBsd.
I Would really like to see OpenBSD to come out with support with SMP. :D