lespaul_rentals
April 17th, 2008, 08:48 PM
I am now running FreeBSD 6.3 on my home server, powered on 24/7. I use it for FTP access for my friends, as well as a BitTorrent seedbox. Now, I know that this server is hardly mission-critical and even an operating system such as Windows XP could do the job, but I like running a server to help me learn more about Linux, and now BSD. I had Ubuntu Server Edition 6.06 on it before, and that was stable and a great server operating system, but I was looking for something new.
What follows is a summary of my installation experience, if you care to read.
After popping in the disks, I was greated by a curses-based installer. I like curses a lot more than GUI installers, since it's clean and simple. Also, most of the time the developers assume you are an expert if you are installing a distro using a curses installer, so they throw in some advanced configuration options. To use a simile that Linux users would understand, I found the installation process to be very similar to that of Slackware or Arch.
The partitioning process is different than Linux, but the tool they give you to use is reminiscent of cfdisk. FreeBSD uses its special BSD filesystem, so don't expect to see familiar names such as ext3 or reiserfs in the mix. However, you will recognize the need for a swap partition, so don't forget to throw that on the hard drive.
The installer gave me the option of installing some applications from the packages included on the CDs. It worked okay, but it got annoying switching CDs about 20 times (keep that in mind before you install a bunch of extra applications from the CDs). It also allows you to install the ports collection, which is a good idea, but don't forget to update the ports collection once finished installing.
Virtually everything can be configured through the installation. It's concise and practical. It's such a great installer, I can't get over it. One of the options asks you if you would like to start sshd at boot. I would recommend this, as you won't need a monitor after you finish the installation and can administer your server headlessly.
When you reboot into your new system, you'll be greeted by a login prompt that will be familiar to users of Slackware, Arch, and Gentoo. You can login as root here, or if you added a seperate user during the install, you can login with that.
There's always been the sudo vs. su argument. One of the points sudo supporters use to support their case is the fact that you can simply add or remove a user to the admin group in order to enable or disable their ability to switch to superuser mode. In FreeBSD, users must be in the wheel group in order to run su. So, if you want to disable an employee's ability to become superuser because he's been messing around, take him out of the wheel group. I personally am a supporter of sudo, but FreeBSD's way of handling su is nearly perfect and I don't miss sudo at all.
The default text editors available in the command-line are ee and vi. vi is definitely the "hacker's editor" and is great for some uses, but when editing a couple of lines in a configuration file, vi commands are just annoying. My old favorite is nano, so I went about installing nano from ports.
About installing software, FreeBSD couldn't make it any easier. If you are fine with binaries and like the speed and ease of a pre-compiled package for your architecture, pkg_add will do the job for you. If you like to compile software so you can fine-tune what goes on during the installation process, ports is for you. The way ports is set up is pretty ingenious. To find where a port for your desired application resides, simply run whereis [name of application]. I ran whereis nano and got the name of the directory. All ports are organized under /usr/ports, so all you have to do it change to the directory, and run make install clean as superuser. Characters fly across the screen, stereotypical hacker movie stuff.
Configuration of services and daemons couldn't be any easier. All config files are well documented and man pages are fantastic. Configuration files reside in /etc, period. No looking around the / partition for the neccessary files to modify. Just go into /etc, look for the name of your service, and edit the file with your preferred text editor. All logs are kept in /var/log, so no playing hide-and-seek with those, either.
Admittedly, FreeBSD falls short in the X11 area. If you intend to get an X server running on your machine, you can have fun with that. I read documentation, messed around with the configuration file, and Googled for a long time before I finally gave up. After some thought, I realized it just wasn't worth my time. This was supposed to be a headless server anyway. However, I did want to run a couple of GUI applications in the background, namely KTorrent, which is my BitTorrent client of choice. So, I turned to VNC.
VNC compiled and installed in about 30 minutes using ports. Using my other computers, I was able to access the X session and run KTorrent, then logout and leave KTorrent to do its thing in the VNC session. A functional, headless server, just like I set out to achieve. :KS
FreeBSD borrows a lot of security ideas and a few applications from OpenBSD. One example is the pf firewall. It is much like the iptables firewall built into the Linux kernel, but even better. I port scanned my FreeBSD server with nmap, and on the server's screen appeared a message that alerted me it was being port scanned, and the firewall actually adapted to block ports. Also, if an SSH user changes to root, an alert appears on the console stating the name, date, and time the su command is run. If you're on the wrong side of a bruteforce attack, a message will appear stating the attempted username and IP address of the attacker, so you can ban them. It's clear FreeBSD was designed from the ground up to be the ultimate server operating system.
I'm still learning all the ins and outs of FreeBSD, but it's fantastic. I can't help but smile every time I use it. It's near perfect. It's fast. It's configurable. It's stable. It's the kind of operating system you could leave running with a UPS and never worry about hackers or crashes.
FreeBSD is a server masterpiece.
What follows is a summary of my installation experience, if you care to read.
After popping in the disks, I was greated by a curses-based installer. I like curses a lot more than GUI installers, since it's clean and simple. Also, most of the time the developers assume you are an expert if you are installing a distro using a curses installer, so they throw in some advanced configuration options. To use a simile that Linux users would understand, I found the installation process to be very similar to that of Slackware or Arch.
The partitioning process is different than Linux, but the tool they give you to use is reminiscent of cfdisk. FreeBSD uses its special BSD filesystem, so don't expect to see familiar names such as ext3 or reiserfs in the mix. However, you will recognize the need for a swap partition, so don't forget to throw that on the hard drive.
The installer gave me the option of installing some applications from the packages included on the CDs. It worked okay, but it got annoying switching CDs about 20 times (keep that in mind before you install a bunch of extra applications from the CDs). It also allows you to install the ports collection, which is a good idea, but don't forget to update the ports collection once finished installing.
Virtually everything can be configured through the installation. It's concise and practical. It's such a great installer, I can't get over it. One of the options asks you if you would like to start sshd at boot. I would recommend this, as you won't need a monitor after you finish the installation and can administer your server headlessly.
When you reboot into your new system, you'll be greeted by a login prompt that will be familiar to users of Slackware, Arch, and Gentoo. You can login as root here, or if you added a seperate user during the install, you can login with that.
There's always been the sudo vs. su argument. One of the points sudo supporters use to support their case is the fact that you can simply add or remove a user to the admin group in order to enable or disable their ability to switch to superuser mode. In FreeBSD, users must be in the wheel group in order to run su. So, if you want to disable an employee's ability to become superuser because he's been messing around, take him out of the wheel group. I personally am a supporter of sudo, but FreeBSD's way of handling su is nearly perfect and I don't miss sudo at all.
The default text editors available in the command-line are ee and vi. vi is definitely the "hacker's editor" and is great for some uses, but when editing a couple of lines in a configuration file, vi commands are just annoying. My old favorite is nano, so I went about installing nano from ports.
About installing software, FreeBSD couldn't make it any easier. If you are fine with binaries and like the speed and ease of a pre-compiled package for your architecture, pkg_add will do the job for you. If you like to compile software so you can fine-tune what goes on during the installation process, ports is for you. The way ports is set up is pretty ingenious. To find where a port for your desired application resides, simply run whereis [name of application]. I ran whereis nano and got the name of the directory. All ports are organized under /usr/ports, so all you have to do it change to the directory, and run make install clean as superuser. Characters fly across the screen, stereotypical hacker movie stuff.
Configuration of services and daemons couldn't be any easier. All config files are well documented and man pages are fantastic. Configuration files reside in /etc, period. No looking around the / partition for the neccessary files to modify. Just go into /etc, look for the name of your service, and edit the file with your preferred text editor. All logs are kept in /var/log, so no playing hide-and-seek with those, either.
Admittedly, FreeBSD falls short in the X11 area. If you intend to get an X server running on your machine, you can have fun with that. I read documentation, messed around with the configuration file, and Googled for a long time before I finally gave up. After some thought, I realized it just wasn't worth my time. This was supposed to be a headless server anyway. However, I did want to run a couple of GUI applications in the background, namely KTorrent, which is my BitTorrent client of choice. So, I turned to VNC.
VNC compiled and installed in about 30 minutes using ports. Using my other computers, I was able to access the X session and run KTorrent, then logout and leave KTorrent to do its thing in the VNC session. A functional, headless server, just like I set out to achieve. :KS
FreeBSD borrows a lot of security ideas and a few applications from OpenBSD. One example is the pf firewall. It is much like the iptables firewall built into the Linux kernel, but even better. I port scanned my FreeBSD server with nmap, and on the server's screen appeared a message that alerted me it was being port scanned, and the firewall actually adapted to block ports. Also, if an SSH user changes to root, an alert appears on the console stating the name, date, and time the su command is run. If you're on the wrong side of a bruteforce attack, a message will appear stating the attempted username and IP address of the attacker, so you can ban them. It's clear FreeBSD was designed from the ground up to be the ultimate server operating system.
I'm still learning all the ins and outs of FreeBSD, but it's fantastic. I can't help but smile every time I use it. It's near perfect. It's fast. It's configurable. It's stable. It's the kind of operating system you could leave running with a UPS and never worry about hackers or crashes.
FreeBSD is a server masterpiece.