From: "Ted Mittelstaedt"
To: "Anthony Atkielski"
Subject: RE: Tiny starter configuration for FreeBSD
Date: Wed, 31 Oct 2001 01:22:58 -0800
Message-ID: <005a01c161ed$a19933c0$1401a8c0@tedm.placo.com>
In-Reply-To: <00dc01c1612d$3f080f80$0a00000a@contactdish>

>-----Original Message-----
>From: owner-freebsd-questions@FreeBSD.ORG
>[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Anthony
>Atkielski
>
>Maybe, but I no longer find such comments amusing.  There are too many
>clueless young males on the Internet who bash Microsoft gratuitously
>because it is the fashionable thing to do, or because they are ruled by
>emotion rather than intellect, and I'm tired of hearing their rants.  You
>may not be in this category, but your comment certainly is in that
>category, and it is very tiring.
>

I was going to stay out of this one, but..

>> NT doesn't like being changed, period.
>
>I've never come across any operating system that is not destabilized by
>change.  NT is no different from the rest in this respect.
>

Wrong.  What he means is that under UNIX there is separation of programs -
you can add and remove them without buggering up the rest of the system.
This is true for FreeBSD.  It's not true for all UNIX's, however.

With NT, as you continue to load various programs into it eventually you
have programs overwriting each other's DLL's in \windows\system32.  That can
cause trouble as well as if you then remove some of those programs and they
delete what they think are "their" DLL's which are also being used by other
programs.

Also with NT, there is the "registry" which is like taking every single
configuration program for every program and mashing them into one gigantic
be-all and end-all configuration program that is almost completely
undocumented.  This is a fundamental design flaw as when you permit programs
to add and remove things to a common configuration file you are allowing
them the possibility of trashing each other's configurations.

UNIX has no parallel to the atrocious 3rd party DLL management under NT nor
does it have a parallel to a unified config file for all applications.  Both
of these design disasters are in my opinion responsible for most of the
reports of instability in Windows NT that occurs when changing things.  By
not going this route UNIX is made infinitely more stable and resistant to
problems caused by changes to the OS.

>
>> Eh, shouldn't make too much of a difference to NT.
>
>NT, like most operating systems, is configured to be relatively insecure by
>default.

Untrue.  While by default NT is configured insecure, current UNIX versions
are not configured insecure by default.  Microsoft is finally seeing the
light with XP - by default most of the crap is switched off, unlike NT and
W2K.

Anyway, the point is that obtaining security certification by removing the
floppy and network adapter is dishonest.  A server is unusable without a
network adapter.
It's like building a car that has no engine in it and no wheels and
labeling it "the safest car on the road".  Sure it is because nobody uses
it.

>Even though I configured my machine as NT server and as a domain
>controller, I've shut almost everything down on the machine, since I use it
>mainly as a workstation.  It is as silent as a tomb from the Net's
>viewpoint (almost).
>

Code Red and Nimda proved that 99.99% of NT admins DID NOT do this.  Even
today, months afterward, people are still seeing thousands of code red scans
a day, so there's still a large group of NT admins out there that are still
clueless and causing problems.

To use the car analogy again, this is like those automakers that sell trucks
without rear bumpers, because "then the customer can buy the kind of bumper
they want".  Of course most of the buyers never buy bumpers and instead
drive their rice-grinder trucks around without rear bumpers, increasing the
safety hazard on the highways for all the rest of us.  At some point,
Microsoft has to take some of the culpability for selling a holey OS to
clueless masses.

>> But, if you run Samba or something that uses SMB,
>> you're going to see a pretty good performance hit
>> when transferring files from one machine to another
>> via "drag and drop".
>

Sorry Andrew but this is rubbish.  On my mixed NT/FreeBSD systems I see no
difference in speed dragging and dropping files over Samba shares than by
using FTP.  If this is the case then the Samba or the NT or the network
itself is misconfigured.

>One of my intentions is to keep these two machines very distinctly
>separate--which rules out any of the warm-and-fuzzy "network neighborhood"
>interfaces for moving files between them.

Properly configured NT shares and Samba shares are no less secure than FTP
access.

>
>Yeah, but compared to what?  All you really need is bandwidth, anyway.  And
>TCP/IP is relatively low overhead on the processor side, compared to
>fancier protocols.
>

Where do I begin with this gem?
First of all, TCP/IP IS inefficient on a LAN compared to a lot of simpler
protocols like NetBIOS or IPX.  It has a lot more overhead.  Today of course
with 10Mbt and 100Mbt LANS this isn't a concern.  But it sure was a concern
on ancient crap like Arcnet which is why Novell designed IPX.

Second of all, raw bandwidth has nothing to do with efficiency.  A satellite
feed, for example, can have gobs of bandwidth but will still run like crap
unless the systems at each end have their windows extended to handle the
higher latency.

Third of all, TCP/IP has a lot more overhead on the processor side than
other protocols.  And, what "fancier" ones are you talking about?  TCP/IP is
just about the fanciest one out there!!  Note that after lots of work,
Novell could only stuff an IP stack (and a lacking one at that) into a 45K
TSR, whereas they got IPX.COM down to about 16k.  Both of these were
hand-optimized assembly.  And the CPU has a lot more work to do to establish
a TCP connection than IPX.

>
>> I see you haven't been patching it all that much.
>
>I don't fix things that aren't broken.
>

According to Microsoft, the software IS broken, that is why a patch was
released.

>
>No other desktop operating system has even come close to the excellence of
>design that Windows NT provided; it was a huge step forward in desktop OS
>design.

Sorry, but OS/2 was just as advanced, in fact more so than NT in a lot of
ways.  NT basically was a rewrite of OS/2 1.3 and there were a lot of things
that IBM introduced into OS/2 (like OS updates over the Internet, the
desktop user interface) that Microsoft later copied.  The UI is a
particularly obvious one, NT 3.5 was basically the Win3.1 interface, while
NT 4 was a copy of OS/2 2.0, even down to the operation of Shortcuts.

>Mainly because it was designed by developers with mainframe experience,
>instead of high-school students and geeks with six months of experience,
>like most previous desktop operating systems.
>

The "mainframes" that these developers were previously designing for had
CPU's that were less powerful than a 14.4K modem and lacked features that
are taken for granted on PC CPU's.  I don't know why the word "mainframe"
has such an impression on you, the CPU architecture of the 386 was
lightyears ahead of anything that DEC had in a production mainframe.

In fact the only significant operational difference between a mainframe like
a VAX and a 80386 is that the VAX had great I/O, and could support hundreds
of terminals attached to it.  The PC architecture could not support that
kind of I/O.  But, significantly, NT Server had piss-poor I/O and was not
multiuser, in short most of the items that made a mainframe different than a
PC were not implemented in NT.

I don't know why it is that you think that these Digital designers took all
this experience and used it to design NT, because NT is mostly unlike what
was going on in VMS and UNIX both of which these Digital designers were
working on.

>
>And it still takes just as long to get anything done, thanks to software
>that has expanded almost as quickly as the hardware.  The net gain is
>roughly zero.
>

No that has nothing to do with it.  The reason it takes just as long to get
anything done is that humans (who actually are the ones that do anything)
have not increased in speed tenfold.

>However, if you were to run software from ten years ago on one of today's
>machines, it would indeed run 20-30 times faster.  But most people never
>think of trying that.
>

But you still cannot type up a document faster in WordStar for DOS running
on a Pentium than Microsoft Word for Windows running on that same system.

>If you have a system that does what you want, you don't ever have to change
>it at all.  This has been the philosophy in many mainframe shops for
>decades, but PC users are only recently starting to see the light.
>

This is only true if the system is not connected to a network, which most
systems these days are.
You may have no interest in changing anything, but the world will force you
to change.  The world sends you new file format documents which you want to
read so you have to upgrade, the world sends you viruses which you must
protect against, the world sends you trojans and worms which you must patch,
and often upgrade, to protect against.

Ted Mittelstaedt
tedm@toybox.placo.com
Author of: The FreeBSD Corporate Networker's Guide
Book website: http://www.freebsd-corp-net-guide.com