2008MAY231045

2008MAY231045
usenet news
Image by bootload
Ask YC: Best Linux distro to deploy as a Server

"… i will like to know the best Linux Distro to use as my server …"

The best Linux distro is probably a *BSD variant*.

Your OS choice for servers differs from desktops. Security, stability and available expertise is more important than ability to configure. The self compiled Linux distributions available for your desktop could expose your server to attack. You can read more here for reasons why ~ ftp://rtfm.mit.edu/pub/usenet/news.answers/unix-faq/faq/part6 [0]

think of BSD as an older, more conservative
and stable OS than the "open-all-doors" Linux …

You can use Linux, but it takes a bit more work to secure than BSD. For the simple reason Linux is younger, more open and therefore less secure than BSD variants (unless hardened with patches like SE) ~ networking.ringofsaturn.com/Unix/bsd.php OBSD and FreeBSD would be my choice. FreeBSD was also the choice of Viaweb. I suppose *"Robert Morris"* knows a thing or to about securing systems ~ www.paulgraham.com/vwfaq.html [2] BSD OS’s are safe, secure and have access to the source, support lots of hardware with caveats. Here is a quick choice guide ~ www.serverwatch.com/tutorials/article.phpr/10825_3393051_… [3]

Of the Linux servers I’d stick with Debian variants which includes Ubuntu. Debian has their own way of doing things but it is stable, well understood. Maybe SE-Linux is worth a look ~ www.nsa.gov/selinux/ [4] and en.wikipedia.org/wiki/Selinux [5]

*"… i will like to know the best Linux Distro to use as my server …"*

That also depends on what hardware you are using. Is it hosted, your own?? Check your hardware lists before you choose your OS.

some time later …

"… However, the original poster wanted info specifically about linux, and while a BSD UNIX is similar, there are enough differences that productivity …"

The poster also mentioned inexperience then requests a less secure server OS than what is possible. Productivity may indeed suffer. Would it be a better idea would be to get an experienced sys-admin to look over the server and secure it?

"… I think it is a bit misleading to say that a distro like debian "opens all doors", that is not the case …"

Of all the distro’s debian is probably the better of the bunch to work with. Debian can be secured. But the strength of Linux and debian, its openness is also its weakness. Default installed distributions still install more applications than you need. This can leave the potential of an unwanted application running to be exploited. Debian before Ubuntu was also the hardest to configure hardware.

"… One must acknowledge however that this was a serious security problem on debian’s side and in contrast OpenBSD has had _two_ exploits in _ten_ years. Those are some pretty sterling security credentials for OpenBSD …"

When it comes to security I’d take OBSD over any linux distro for the simple reason the source has been audited. It is secure by default (You have to actively install what you require). You will not be let down core applications with holes. Having said that I balk at upgrades.

"… The FreeBSD threading model does not work well with MySQL for example and you can see database problems there. I suspect Postgres on FreeBSD is more common and works rather well so you can go that route instead. …"

Or dispense with RDBM’s altogether?

some time later …

"… That has X disabled and no open ports by default …"*

A big plus. The downside is the CLI will now be your best friend. For those weened on GUIs, all that finding, typing and configuration can be a time sink. Also LTS runs on 64 bit systems and has commercial support (Long Term Support) ~ www.ubuntu.com/support/paid

Reference
[0] MIT, Unix FAQ "most commonly ask Q’s on comp.unix.questions and comp.unix.shell

ftp://rtfm.mit.edu/pub/usenet/news.answers/unix-faq/faq/part6

[1] Darwin/Mac OS X: The Fifth BSD, "article describing the main 5 variants of BSD"

networking.ringofsaturn.com/Unix/bsd.php

next >>>