Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 15 Feb 2005 01:57:11 +0100
From:      Anthony Atkielski <atkielski.anthony@wanadoo.fr>
To:        freebsd-advocacy@freebsd.org
Subject:   Re: SPAM: Score 3.3: Re: Instead of freebsd.com, why not...
Message-ID:  <7710244285.20050215015711@wanadoo.fr>
In-Reply-To: <2fd864e05021416142cfe2249@mail.gmail.com>
References:  <9C4E897FB284BF4DBC9C0DC42FB34617641AE6@mvaexch01.acuson.com> <d9175cad05021205463a6c12fb@mail.gmail.com> <d9175cad050214084136d3b12c@mail.gmail.com> <2fd864e05021416142cfe2249@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
Astrodog writes:

> %60-some percent of webservers run Apache. More than 2 million of
> those run FreeBSD, (Almost as many as all of Linux combined) There's a
> bit more to it than exposure.

First, those numbers are far lower than the number of desktops exposed
to the Net.  And second, servers are much more tightly controlled than
desktops, and are much less visible, and so they make less interesting
targets for many kiddies.

Even so, as I've said before, the one virus infection I've had was an
infection of Apache on FreeBSD.

> NIS/NIS+/LDAP, can all do this quite well. Combined with NFS... hot
> damn, you have the same thing, except minus the whole
> overhead/multiuser issue below

From=20what little I know of NIS, it's quite different from SMS on Windows
networks, and it has some serious security issues.

> If he is following ANSI C, and keeps his code modular, for the most
> part, the OS its actually written on is irrelevent.

Yes, but hardly anyone writes real-world application systems in ANSI C.

> Yay for TrustedBSD.

FreeBSD 5.3 provides some limited support for ACLs as well, although I
haven't the courage to be a pioneer and experiment with it (in any case,
I don't need it on my server, and in serverland, if you don't need it,
you don't install it).

> Hrm. Every time I boot my system, it asks for a username, and
> password. If I don't know the root password.... I could boot it single
> user.... but even then, it STILL asks.

I remember that there is a way around this, but I don't remember the
specifics.

On a Windows system, you never get this opportunity.  At best, you can
log on as a local user (if you have a local account), but then you have
no access to Windows network resources.  Once you log into a domain
account, the SMS stuff will run, if present--you can't stop it.  In the
days when I had to deal with SMS, the only way we could prevent it from
running was to use a hacked version of the OS.

--=20
Anthony




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7710244285.20050215015711>