Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1389
  • Last Modified:

Upgrading *nix server: FreeBSD vs. CentOS vs. Fedora

Hi X-perts,

I am upgrading to a new server and not sure which OS to choose: FreeBSD, CentOS or Fedora. Currently i am running FreeBSD, but having read many comment on that subject, think that CentOS is the way to go.

Any recommendations here?

Thanks
0
andy7789
Asked:
andy7789
  • 3
  • 2
  • 2
  • +1
3 Solutions
 
mike_haleCommented:
CentOS is designed to be very, very close to Red Hat Enterprise Linux.
Fedora is a community Linux distro which doesn't seek to emulate RHEL.  
FreeBSD is a totally different animal, based on UNIX rather than a nother Linux distro.  

http://en.wikipedia.org/wiki/CentOS
http://en.wikipedia.org/wiki/Fedora_Core
http://en.wikipedia.org/wiki/FreeBSD

What you go with really depends on what you're good at, and more importantly, what you'll be using the server for.  CentOS and Fedora are easier to set up and configure, but FreeBSD has the edge in out-of-the-box security.  If you haven't messed with CentOS or Fedora yet, I highly recomend that you do.  There are VM Imges available for all three OSes, which is a good way to familirize yourself with them.    
0
 
andy7789Author Commented:
Mike,

I do not care about installation as my server provider will do it. I am thinking about a few considerations here:

1) performance. I could not find any comparative reports how RHEL kernel is better or worse than freeBSD

2) security. i will be installing ModSecurity anyway... not sure if there are any advantages of FreeBSD vs RHEL

3) easy to install applications. With FreeBSD it takes a few seconds to install a new port. With RHEL I will have to do it all manually, though it is not a big deal

4) many commercial *nix applications are difficult to install on FreeBSD (ex adobe FMS)

Any comments?
0
 
MysidiaCommented:
1) It's really no contest.  FreeBSD is the better performer.
In the past FreeBSD has been much better, especially in terms of network performance.
The Linux kernel was surpassing BSD on multi-core systems, but then we got
FreeBSD 7, which beats Linux even at the things Linux ran best
before: MySQL, postgreSQL   on  4 or more cores.
http://www.onlamp.com/pub/a/bsd/2008/02/26/whats-new-in-freebsd-70.html
http://people.freebsd.org/~kris/scaling/dfly.html
http://people.freebsd.org/~kris/scaling/7.0 Preview.pdf

2) When we refer to security, we mean strength against privilege escalation and remote exploits to gain root access.   Free, Net, and OpenBSD  all have proven track records.    There have been many issues where Linux systems have been vulnerable, but *BSD systems have not had very many security issues.

Also, major Linux distributions like RHEL/CentOS  run many unnecessary services out of the box.    Free/Net/Open BSD run very few services out of the box.
You can't remotely exploit what's not running.

FreeBSD has a track-proven TCP stack,  with not  many issues -- the kernel is much more mature than Linux's, so it's natural that many of the bugs have been fixed.

In many cases, new bugs are still being discovered in Linux's TCP/IP stack, and sometimes these bugs are exploitable.

FreeBSD wins the OS security contest hands down.


4)  This is true,  and if you intend to use these commercial applications, it is easier to use an OS that provides the most straightforward installer.

Proprietary, closed source applications may also be less-supported on FreeBSD.

The applications may tend to have bugs when running on FreeBSD that they
do not on other systems, because the application's  authors perform
minimal or unprofessional testing on platforms other than the one that
is most popular.

I normally prefer to refrain from using these commercial applications, or
dedicated additional servers to the proprietary applications.

With the advantage, that the Linux server can be more tightly firewalled,
and if one of the commercial applications (or an exploit thereof)
takes down the box,  most of my services, like database server, backups,
Web server, mail server, etc, run on FreeBSD servers and keep running just fine.





0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
pitorenCommented:
OK, this is all about opinions.

My $0.02

1) You wrote "With FreeBSD it takes a few seconds to install a new port. With RHEL I will have to do it all manually".  That to me is a big deal, _you_ know more about RHEL than you do about RHEL, a + for the former.

2) "performance. I could not find any comparative reports how RHEL kernel is better or worse than freeBSD".  There's a tiny percentage of situations where an extra x% of performance makes any practical, real difference at all.   If you are in that situation, you should test yourself rather than rely someone here who knows close to nout about your situation.

3) "many commercial *nix applications are difficult to install on FreeBSD (ex adobe FMS)".  More to the point, are the apps supported on FreeBSD.  if not, for me it's a no brainer.  I see that the various FMS products support Win Server 2003 and RedHat 4 - if one of my sysadmins "got it installed and it seems to work" on FreeBSD, I'd fire him.

K
0
 
mike_haleCommented:
""got it installed and it seems to work" on FreeBSD, I'd fire him."
Wow, that's harsh.  Would you fire people for putting their pens on the wrong side of the desk too?  

Andy, Mysidia gave you a great overview, IMO.  :)  
0
 
pitorenCommented:
:-)

Maybe harsh, but there are reasons

1) If you spend money on a commercial product, then choose to create an unsupported installation of that product, you are a bit mad.

2) Normally it takes longer, and therefore wastes time that good be spent elsewhere, getting stuff working in "unusual" scenarios.

3) There's always going to be someone else who has to take over the installation/systems. Version X might work OK on <unsupported OS>, but X+1 might not.

It's a good IT principle to keep things as simple as possible.

Of course, it's opinion here.  I don't disagree with much of what Mysidia wrote (though not quite convinced by the performance claim from the links he posted, which is why I said "test yourself").

K
0
 
mike_haleCommented:
I don't want to hijack the thread, so this'll be my last post.
 ;)

I agree with pretty much all of what you said.  However, I think trying 'unsupported' installations is often a great way to learn about the product and the system you're on.  For example, there's plenty of open source products that only have instructions for a few different distros.  Running them on other distros is great practice and experience, even if it ends up not working fully.  Just a thought.

Andy, good luck with whatever you decide to go with.  :)  

0
 
andy7789Author Commented:
thank you guys!. it looks as my old FreeBSD is the way to go, though I was thinking to get hands on Centos first.

I will try Centos on another server where we will be installing Adobe FMS.

I am sharing the points
0
 
MysidiaCommented:
I do suggest trying CentOS.  It's not a bad platform, and it does some things
very well, and it is a very good platform for desktops  (Desktop suitability
surpassed by Fedora and Ubuntu).

I would have to say that the Linux distributions are much better platforms
for Desktop systems (out of the box) than *BSD.

For example, installation of packages and upgrading is very easy.
Once you have the proper repositories loaded
(and many vendor packages are available by default).
"yum install (software package name)"
"yum update (package package name)'

'iptables' and 'ip' commands provide some NAT'ing and policy
options BSD does not.

FreeBSD is a workhorse;  CentOS has many more bells and whistles
available, which can be very useful in the right situations.

0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

  • 3
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now