From owner-freebsd-questions@FreeBSD.ORG Sun Jul 31 15:16:25 2005 Return-Path: X-Original-To: questions@freebsd.org Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5266B16A41F for ; Sun, 31 Jul 2005 15:16:25 +0000 (GMT) (envelope-from jeff.dyke@gmail.com) Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.193]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6990443D4C for ; Sun, 31 Jul 2005 15:16:24 +0000 (GMT) (envelope-from jeff.dyke@gmail.com) Received: by rproxy.gmail.com with SMTP id r35so1197140rna for ; Sun, 31 Jul 2005 08:16:23 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:reply-to:user-agent:x-accept-language:mime-version:to:subject:content-type:content-transfer-encoding:from; b=Itchc3BS9bxZU/m4Bi7fE75CUM9tb3AwwqkemyM/eoIEIQXxAoj95A7RVy6n5+Uc4airHuiUsYxFqH42BWEi9L6nWp17AEJHm8tJh822LgrgoS0O0SB2DTUhOyTCgRLHXvsSnNZuxDyMNrlYuFcOoUoCrdCP5LS32hi9RAtZ1AA= Received: by 10.38.9.24 with SMTP id 24mr672279rni; Sun, 31 Jul 2005 08:16:23 -0700 (PDT) Received: from ?192.168.15.100? ([66.31.74.215]) by mx.gmail.com with ESMTP id h18sm997669rnb.2005.07.31.08.16.23; Sun, 31 Jul 2005 08:16:23 -0700 (PDT) Message-ID: <42ECEBC4.3020605@azimapower.com> Date: Sun, 31 Jul 2005 11:18:28 -0400 User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: questions@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit From: Jeff Cc: Subject: dmz server setup - opinions X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: jdyke@azimapower.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 31 Jul 2005 15:16:25 -0000 I realize this may be partial religion and then potentially bias due to the list but here goes anyway. I need to build a DMZ server, of sorts, that will sit on the public internet. It will take in data from embeded devices and in turn services from behind a firewall will pull data from it to later process. The main processes that i need to run are ftpd,httpd, possibly smtpd(sasl2,tls), and later proprietary code that talks to the embeded devices. Originally i was thinking of using OpenBSD, as it seems to lend itself very nicely to the public but secure environment. On the other hand, if i were to use FreeBSD, i could jail each process, granted i could also chroot each process in OpenBSD and httpd is already done for me. I will be running a firewall on the box either way and will also have sshd and rsyncd running, only allowing access from the internal network. I have move expierence with freebsd, but my limited knowlegdge based on an install and configuration of openbsd3.7 has made me comfortable with it as well. Any opinions on which OS is better suited for the task? Security and reliablity are the foremost concers( aren't they everyones ) and i think both OS are more then up to the task. Thanks for any input. jeff