From owner-freebsd-questions@FreeBSD.ORG Fri Mar 29 16:10:24 2013 Return-Path: Delivered-To: questions@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id 3ED7F673 for ; Fri, 29 Mar 2013 16:10:24 +0000 (UTC) (envelope-from freebsd@edvax.de) Received: from mx02.qsc.de (mx02.qsc.de [213.148.130.14]) by mx1.freebsd.org (Postfix) with ESMTP id 0A2C4DB4 for ; Fri, 29 Mar 2013 16:10:23 +0000 (UTC) Received: from r56.edvax.de (port-92-195-80-247.dynamic.qsc.de [92.195.80.247]) by mx02.qsc.de (Postfix) with ESMTP id 84E2A278C1; Fri, 29 Mar 2013 17:03:31 +0100 (CET) Received: from r56.edvax.de (localhost [127.0.0.1]) by r56.edvax.de (8.14.5/8.14.5) with SMTP id r2TG3ceb001994; Fri, 29 Mar 2013 17:03:38 +0100 (CET) (envelope-from freebsd@edvax.de) Date: Fri, 29 Mar 2013 17:03:38 +0100 From: Polytropon To: David Thurber Subject: Re: EOL Message-Id: <20130329170338.f6e45c5c.freebsd@edvax.de> In-Reply-To: <5155B0E6.9030303@thurber.org> References: <5155B0E6.9030303@thurber.org> Organization: EDVAX X-Mailer: Sylpheed 3.1.1 (GTK+ 2.24.5; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list Reply-To: Polytropon List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Mar 2013 16:10:24 -0000 On Fri, 29 Mar 2013 09:19:02 -0600, David Thurber wrote: > I have 5 XP machines on my node that are used to crunch data 24/7. So, > I'm looking for an OS platform that has a 10 year EOL to replace XP/3. It's good you're paying attention to the upcoming death of "Windows XP" and the expected birth of lots of new malware, exploiting unfixed vulnerabilities. :-) > What I got from your website appears to be a year or two at most on > freebsd 8.3, and we really don't want to repeat the travails of the > transition from 98SE to XP/3 after this one because the research team > will be mostly mid 80's early 90"s by then. You should use the most recent FreeBSD version for your first installation unless there's a _valid_ reason to use an older release which you cannot avoid. As with many software projects, FreeBSD is continuously developed. Security patches are backported from the current development branches to older (legacy) ones for some time, as long as this is possible. This of couse does not stop you to keep a FreeBSD installation running. For example, I still have a FreeBSD 4.1 file server which I see no need to replace, primarily because it runs "in-house only" and has no connection to the Internet. This is probably your biggest concern. However, FreeBSD is much more secure than "Windows XP" due to design and defaults. But keep in mind you're not just using the OS, you're also using additional software which also has to be kept current to operate securely. FreeBSD allows you to update software (from the ports collection) even on older installations. Of course this is not "possible unlimited" - but as long as the required OS infrastructures are present, it can be done. > It's a lot of data fetched > over the web so we need security updates to keep the OS secure with > minimal interaction. FreeBSD and its applications can be updated from source. There are lots of tools (such as port management tools like portmaster) to help you with this task. But there are also tools for binary updates. They even cover transition to a new major release. You can use freebsd-update to get the security patches for the OS, this is very easy and does not involve much interaction. FreeBSD will provide a very solid foundation for running secure installations over a long time. Of course you will need to perform updates, but this is very easy to do, as I said. You may check "The FreeBSD Handbook" for more information. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...