tag:blogger.com,1999:blog-4088979.post6009270915095281692..comments2023-10-16T06:06:25.012-04:00Comments on TaoSecurity Blog: Review of Building a Server with FreeBSD 7Richard Bejtlichhttp://www.blogger.com/profile/13512184196416665417noreply@blogger.comBlogger9125tag:blogger.com,1999:blog-4088979.post-36026685130190711002008-08-03T13:11:00.000-04:002008-08-03T13:11:00.000-04:00Bryan, you left us Mac users out in the cold! It w...Bryan, you left us Mac users out in the cold! It would have been great if you included installation of perhaps the Avahi mDNSresponder and Netatalk to provide afp support. I know you can't please everyone but Mac's are on the rise and are UNIX based! Otherwise I really like your book!<BR/>DaveUnknownhttps://www.blogger.com/profile/14704328595063819956noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-40328780171949724932008-07-30T08:14:00.000-04:002008-07-30T08:14:00.000-04:00Good JOb! :)Good JOb! :)Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-1252377451764835292008-06-20T18:11:00.000-04:002008-06-20T18:11:00.000-04:00FreeBSD is an excellent unix variant, its said it ...FreeBSD is an excellent unix variant, its said it the best for building servers on. I have one in my network at home just to play around with however i also use it as a fileserver. Plain old samba ;)Bilalhttps://www.blogger.com/profile/06995591628964925071noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-89514152719946253542008-06-18T15:31:00.000-04:002008-06-18T15:31:00.000-04:00This comment has been removed by a blog administrator.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-57707446443852674132008-06-12T05:41:00.000-04:002008-06-12T05:41:00.000-04:00Richard, Thanks for your thoughts, your reviews ar...Richard, <BR/><BR/>Thanks for your thoughts, your reviews are always constructive and allow me, as an author, to see things from a different perspective.<BR/><BR/>On to your questions..<BR/><BR/>I knew that the base OS versions of OpenSSH and OpenSSL would be outdated by the time the book came out. I wanted to give guidance on how to install the latest versions since they can have an effect on security. In the first edition of the book, I gave readers the choice of overwriting the base OS version or installing an independent copy. As you know, the editing process has a tendency to funnel things in one direction to minimize confusion. I chose to overwrite the base OS versions because it minimizes the possibility of inadvertently running the old version instead of the new.<BR/><BR/>There is an amazing landscape of tools out there. I wanted to keep things very brief and focused. I had to chose between explaining the many tools and methods available or go in a single linear progression. The linear approach keeps things as simple as possible, I felt folks would appreciate this. Your advice on mentioning Portsnap, pkg_add, and replacing ntp with openntpd make a lot of sense, thanks.<BR/><BR/>The TCP/IP labels in Appendix D are from the Internet Reference Model or DoD protocol model.<BR/><BR/>I'd be glad to accept suggestions for new applications for inclusion if there is another edition, it all depends on how this one does.. I hope to have a site up soon to give readers that ability to post suggestions and feedback.<BR/><BR/>Thanks againAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-6334336046157192462008-06-10T05:51:00.000-04:002008-06-10T05:51:00.000-04:00We use openntpd on all our servers because you can...We use openntpd on all our servers because you can configure it to only work in "client" mode whereas ntpd can only be used in peer mode.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-39444455296563427202008-06-09T16:26:00.000-04:002008-06-09T16:26:00.000-04:00not that i have, but one reason i would use the po...not that i have, but one reason i would use the ports tree openssh and openssl is because they are usually updated faster than the base, which is very helpful when a critical vulnerability is discovered. bind is a good example.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-4088979.post-49354818584543835152008-06-08T01:34:00.000-04:002008-06-08T01:34:00.000-04:00openntpd is much cleaner and simpler. ntpd has way...openntpd is much cleaner and simpler. ntpd has way too much cruft and complexity.Joehttps://www.blogger.com/profile/14998755598722686389noreply@blogger.comtag:blogger.com,1999:blog-4088979.post-53917715130358983582008-06-08T00:06:00.000-04:002008-06-08T00:06:00.000-04:00Richard,Why would one want to use net/openntpd/ as...Richard,<BR/><BR/>Why would one want to use net/openntpd/ as opposed to ntpd(8) in the base os ?<BR/><BR/> - AlexAnonymousnoreply@blogger.com