tag:blogger.com,1999:blog-4088979.post5571266638504368181..comments2023-10-16T06:06:25.012-04:00Comments on TaoSecurity Blog: Recommendation for an Introduction to UnixRichard Bejtlichhttp://www.blogger.com/profile/13512184196416665417noreply@blogger.comBlogger13125tag:blogger.com,1999:blog-4088979.post-21854258928780456882009-01-10T09:23:00.000-05:002009-01-10T09:23:00.000-05:00One reason I have shied away from Ubuntu is that t...One reason I have shied away from Ubuntu is that the "universe" repository of software packages does not receive any strong security patch attention( http://www.ubuntu.com/community/ubuntustory/components ).<BR/>Debian stable ,which I really like, receives security attention, but the binary packages are older.<BR/>FreeBSD has portaudit which is very nice, but upgrading ports can be tricky.<BR/>Of course, in the NSM view of the world, security patching is only part of the picture.VernonOhttps://www.blogger.com/profile/00501969997374258002noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-10353556777143413772009-01-09T00:54:00.000-05:002009-01-09T00:54:00.000-05:00The book UNIX System Administration Handbook (3rd ...The book UNIX System Administration Handbook (3rd Edition) can still be used or is outdated?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-42219251797686294332009-01-08T12:45:00.000-05:002009-01-08T12:45:00.000-05:00The MySQL developer (I know I said designer) said ...The MySQL developer (I know I said designer) said that at least on older versions of freeBSD, MySQL was not as efficient as Linux. It's possible that the more recent versions of freeBSD are better. We were quite happy with running MySQL on the freeBSD, but decided to follow the MySQL developer's advice when we moved MySQL to it's own server.<BR/><BR/>As to configuring our servers we depend on our hosting company, although I am the one who sets up Perl, PHP and MySQL (the Perl CPAN DBD::mysql will not install without MySQL actually being installed on the localhost).<BR/><BR/>I am working on getting the books you recommended. I do have the book Kace recommended <I>The Complete FreeBSD</I>.<BR/><BR/>At home I'm working on setting up a Fedora Linux box (Need to get a case, motherboard and memory). Is Ubantu really supposed to be better than Fedora? This box will be networked with my main PC and running a program called Synergy which allows me to control the second computer from the main PC (especially useful since my main PC has a resource problem and I can offload some applications to the second computer).<BR/><BR/>BTW Do you know if Unix has the same resource problem that Windows has? Most people will not know what I'm talking about, but I run out of Window's resources before I use up all 2Gig on my main computer (usually only 1.6GB). M$ actually has acknowledged that I had a problem, but I never got around to working on it with the developers because I had to turn off anything that wasn't M$. One of the manifestations of it is that when I try to open a new window it won't. Another is that Dreamweaver will crash with no error message. When I upgraded from Win2K to XP I had hoped the problem would be fixed.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-70596618421508501722009-01-08T11:44:00.000-05:002009-01-08T11:44:00.000-05:00Hi Charlene,I've used MySQL and PostgreSQL on Free...Hi Charlene,<BR/><BR/>I've used MySQL and PostgreSQL on FreeBSD for seven years and I've been happy with it.<BR/><BR/>As far as FreeBSD being less secure than Linux, that outside "security vendor" is ignorant.<BR/><BR/>That being said, your level of security is more likely to relate to your familiarity with the OS you choose, your ability to configure it, and the services you have to provide.Richard Bejtlichhttps://www.blogger.com/profile/13512184196416665417noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-52879312233315765032009-01-08T11:31:00.000-05:002009-01-08T11:31:00.000-05:00I have a question about freeBSD. After speaking t...I have a question about freeBSD. After speaking to one of the original desingers of MySQL, he recommended not using freeBSD for MySQL. Instead he suggested Linux. So when I was setting up a server that is used primarily for MySQL I went with his suggestion.<BR/><BR/>I work with several other freeBSD servers, and we're in the process of upgrading to newer servers. An outside security vendor told my client/boss that freeBSD wasn't very secure compared to Linux (of course he does hosting and doesn't use freeBSD). <BR/><BR/>We're currently looking at a new hosting company because when we were hacked, we discovered that the firewall was turned off and very little other security help was available. We probably won't go with the outside security vendor we used to secure our current servers a little bit more because we need full 24x7 support (we have over 200 websites that we host and support) from a hosting company.<BR/><BR/>Is it safe to stick with freeBSD, or should we make the switch to Linux?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-83862402899003496432009-01-08T09:35:00.000-05:002009-01-08T09:35:00.000-05:00I'd like to suggest the "budget" options. First an...I'd like to suggest the "budget" options. First and foremost, <A HREF="http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/" REL="nofollow">The FreeBSD Handbook</A>. It's such a great guide. Another thing to consider is Greg Lehey's book, <A HREF="http://www.lemis.com/grog/Documentation/CFBSD/" REL="nofollow">The Complete FreeBSD</A>, which he has released under an open license. Some parts of it will now be out-of-date, but it's good.<BR/><BR/>I don't suggest that either (or both) of these could equal "Absolute FreeBSD". But, for people with an interest but maybe not ready to commit cash, it's a fine start.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-20663630129100712662009-01-08T04:54:00.000-05:002009-01-08T04:54:00.000-05:00Where would you suggest going after this as an int...Where would you suggest going after this as an introduction to security for an experienced computer user who is inexperienced in network security?Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-34913935781021694172009-01-06T21:57:00.000-05:002009-01-06T21:57:00.000-05:00Saying "How do you learn Unix" is a pretty vague q...Saying "How do you learn Unix" is a pretty vague question. It like saying "I want to do programming", or "I want to learn sports". If you ask a follow up question like "To do what", you can get a much more specific field to focus on. <BR/><BR/>For instance, if someone wants to learn Unix to just do their daily work vs someone who is an administrator or a programmer, the toolset that they will use regularly gets drastically narrowed down. Your everyday desktop user doesn't need to know commands for checking number of open sockets, process id's, or scripting just to get by (excluding power users of course). Let them learn what they need to be productive, and branch out from there.John Wardhttps://www.blogger.com/profile/10741149622435353727noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-17521583081671436892009-01-06T11:03:00.000-05:002009-01-06T11:03:00.000-05:00We have a couple of "production" laptops at the ho...We have a couple of "production" laptops at the house, one of which is windows. Its what my wife prefers, and I prefer being married, so windows is what she uses. On a personal use basis I prefer Linux because of the amount of tools available in the open source community. From photo editing to making backups of dvd's, these tools are freely available. Professionally, I prefer Linux, again due to the tool sets available, and the ability to readily secure the OS. That said, if an employer or customer has windows requirements...... then guess what I use. I no longer fight that topic. I make the best of the situation at hand.Fredhttps://www.blogger.com/profile/03207213134040728576noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-48416762478706983282009-01-06T09:14:00.000-05:002009-01-06T09:14:00.000-05:00@anonymous If it wasn't for Cygwin, I'd go insane...@anonymous If it wasn't for Cygwin, I'd go insane.<BR/><BR/>Seriously, how awesome is having bash or tcsh, with the likes of grep, sed, awk, perl and python at your fingertips?<BR/><BR/>Thanks Richard, I now have a book I can use my Amazon gift certificate on :)Marcinhttps://www.blogger.com/profile/02403324596880195518noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-20345097260024448492009-01-06T08:43:00.000-05:002009-01-06T08:43:00.000-05:00Hi Anonymous,Well, I'm typing this on Windows righ...Hi Anonymous,<BR/><BR/>Well, I'm typing this on Windows right now. I triple-boot my personal laptop with XP, Ubuntu, and FreeBSD. I use whichever runs the software I need for the task at hand. I spend most of my time in Linux.Richard Bejtlichhttps://www.blogger.com/profile/13512184196416665417noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-60373549558062015302009-01-06T07:42:00.000-05:002009-01-06T07:42:00.000-05:00If you prefer your desktop to "just work" fluidly,...If you prefer your desktop to "just work" fluidly, then why wouldn't you use Windows? Joking aside, most of us probably use XP in a home or work environment and don't think twice about the OS we're on or whether a new piece of software is compatible...it "just works."<BR/><BR/>Not suggesting that you should be using Windows, I just wonder if there's another criteria that you're applying in your choice of desktop OS.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-58936190297841211532009-01-06T02:57:00.000-05:002009-01-06T02:57:00.000-05:00In addition, I'd like to throw my hat into the rin...In addition, I'd like to throw my hat into the ring for OpenBSD. If you're going to learn Unix you may as well start from the perspective of one of the most secure Unix operating systems today (yes I said it, and already I regret it :). <BR/><BR/>Michael Lucas also wrote an absolutely fantastic book on OpenBSD entitled, you guessed it, Absolute OpenBSD.Anonymousnoreply@blogger.com