FreeBSD or OpenBSD or *?

[Mr_Mischif]

Well, I'm thinking af starting my own webserver, but I also want it to be a personal fileserver, so I'm thinking of putting FreeBSD on it, since I could use a jail and sandbox the webserver and keep my files safe. But upon reading VaKo's abysmal review of FBSD 6.2, I'm starting to think about OBSD, since they say it's the most secure OS ever and such, and thus I wouldn't really have a problem with skiddies and such. But I don't know which to choose, so I'm asking the hak5ians for their views. It doesn't have to be specifically F/OBSD, just something where I could run a webserver and a fileserver on the same machine securely, hence the *.  Also, it would be nice if people could help me get some semblance of  minimum system requirements for what I'm trying to do with it, since I want to get a fanless machine, and I want it to be able to take serving files and being requested a lot.

[VaKo]

Cooper had problems with a RAID config on a mini-ITX machine using SATA. I've not had problems with IDE, SATA & SCSI based systems. In fact, I've not had problems with any hardware config I've thrown at FreeBSD. Try it yourself.

OpenBSD's base install is very secure, but very sparse, and just because the base is secure it doesn't mean that what you install on it will be.

A clever Windows 2003 admin can make a more secure setup than a stupid OpenBSD admin, how you configure and use your server will have more to do with how secure it is than the choice of distro you use on it.

I like FreeBSD as its easy to use, reliable and secure. I would suggest that you try some distro's (CentOS is good), see how you get on with them. People love ubuntu but I find it irritating. And no matter what OS you do use, they all do pretty much the same thing in the end.

As for the specs, max out the ram.

[metatron]

Stupid OpenBSD admin, do they exist?

The thing with OpenBSD is it’s not very user-friendly and is not designed to be, so that alone keeps idiots away, but yes you can make Windows 2003 relatively secure if you know what your doing.

OpenBSD on a stock install will need a little work to get Apache working exactly how people like, although its very secure how it comes. I guess you’re going to want to run Samba, but other then that there really isn’t that much work to do what your looking to do. I could do it from install to fully operational in less than 10 minutes. As long as you have some *NIX experience it shouldn’t be an issue.

If you’re going with OpenBSD the system requirements are very low, it will run very happily on a P2 with 64MB of memory, but depending on the amount of users you see using your server at one time will greatly affect how  powerful a machine you will need.

[VaKo]

Quantum Physics says "yes" to the concept of a bad OpenBSD admin. My point is though, the choices you make when configuring your server have a lot to do with how secure it ends up. Just because your running software that is secure you can't reliey on that alone to keep your server secure.