I prefer to use BSD (Free* or Open*) as servers, as opposed to Linux.
Why?
If you've ever installed a Linux distribution, you will immediately note the number of third-party libraries and applications installed on a 'base' system. This is frustrating for me, because for the most part I may not want all those extra applications installed, because it clutters up the system, and there may be various vulnerabilities present that I'll be open to.
Instead I prefer to use BSD in these situations, because when you install the operating system, everything with a few choice exceptions (ie, gcc, apache, less) everything is part of the BSD operating system, no third party apps are installed unless you choose to at install time.
So when I install a BSD server, its clean from the get go. If I want bash, I have to install the package. This way I get control over what is on my system, and spend far less time adding what I want, instead of removing what I don't want (in the case of a Linux distro).
I use MacOS X laptop, which is the vision for what I always wanted my linux desktop systems to be. I can play DVD's, get sound working, simple updates, bash, gcc, ircII, web browsers which don't have problems on most sites, beautiful MP3 application, mail, etc.
For me, I don't even bother with Linux except for testing program portability, or for wireless lan-related applications (airsnort).
I'm a longtime Australian resident, and have been saddened to see more kowtowing to our 'big brother', the United States, instead of seeking out our own identity and place in the global marketplace.
This possible DMCA "adoption" is another example of us bending over backwards to please our economic partners.
I had high hopes for us when our Australian Competition & Consumer Commission (ACCC) started defending our rights against DVD region encoding. Looks like we need to do more campaigning to wake the public up before this new movement gets too far.
I think one of the problem's that will be faced when moving to IPv6 is troubleshooting connectivity between legacy IPv4 networks and newer IPv6 networks. As someone who works with firewalls daily, I can tell you troubleshooting applications (proxies, backup clients), network devices (routers, layer-4 switches) and firewalls is a nightmare with IPv4. I can't begin to imagine the horror of having to include IPv6 into the fray.
Until I see network engineers who know how to reliably debug traffic flowing across their routers and application implementors who actually know how their application's protocols work, I know that I'll be very very afraid to recommend IPv6 (simply from a troubleshooting perspective).
Since troubleshooting is often the majority of a network engineers/firewall admins role, I see this as a major impediment to moving to IPv6.
As a napster user (when it was open), I remember downloading lots of music that I had heard about from friends. If I liked the tunes I downloaded more from the artist/group. I then generally bought the CD sometime later - because I knew what I was going to get before I payed.
From memory, albums I bought included:
* Moby
* Robert Miles
* Garbage
(probably about five more that I can't recall).
The lesson here is that if as a consumer, I get to really try before I buy - and like what I'm evaluating - then I'm increasingly likely to purchase the item. I can't remember how many dodgy computer games I've purchased that have ended up never being touched beyond the first night - simply because I didn't know what I was getting beyond the marketing spiel.
If you're a tech worker then you most probably have your visa/credit card, and have a decent balance on it. When I am looking for a particular piece of software and it turns out to be shareware, if the company actually has a decent online payment system (credit-card or paypal), then I usually pay up.
However I only pay if the application is such that you have noticeably restricted options in shareware mode, for example, an avi player for macos x. I don't think anyone I know has ever payed for winzip, which has no major constraints in shareware mode.
As I said above, the other issue comes down to how easy it is for me as the user to pay for the software. If the company/programmer hasn't got a suitable, easy payment system - then it becomes too much effort to register and pay, and it doesn't happen.
I've dabbled with different programming languages, and profess to be adequate at C, Perl and Bash (does shell programming count?). A few months ago I looked into Lisp, excited after reading a paper by Peter Norvig that talked about "powerful languages" and how some languages were inherently more powerful than others (he argued why he thought Lisp was one of the best).
So I bought a book on Lisp (ANSI Common Lisp), downloaded the Clisp implementation, and started playing around.
One of the first things I noticed (in its absence) was the lack of supporting libraries. Where were the libraries for socket programming, text processing, cryptography, etc? After some searching it was possible to locate some TCP/IP libraries (their lisp equivalents), but they didn't appear as solid as I would've hoped for.
Sidenote: I'm not saying they sucked, but the fact that you had to search for third party support of what I considered fundamental requirements of a language (at least for what I would've been using it for) was annoying.
The above issue, combined with the apparent esoteric nature of Lisp drove me towards Python instead.
A person like myself uses programming languages to accomplish tasks. I want to be able to do this quickly (rapid development) with minimal learning curve required. Languages such as Perl and Python are great for this kind of work. They've got a large community supporting it, socket and text processing operations are natively supported.
Few people are going to use Lisp when it takes a lot less effort to do the equivalent in another language, regardless of its "power". Lisp may have a place for specialised applications, but at least for internet-related apps, it will not be most people's first choice.
As a security admin for an international firm, we're currently engaged in enhancing logging on our Unix servers. As a first stage, we're ensuring that all system messages with a facility level of AUTH are getting locally logged and also sent out to a dedicated logging server. To address legal issues, all system's MOTD's explicitly state "You will be monitored, you have been warned." Future stages will include migrating to one of the enhanced system logging daemons that thankfully use TCP and encryption for sending logs to remote systems. Anyone else rolled out a system logging architecture at an enterprise level? How'd you go about it? -harikiri
Slashdot Mirror
Note the use of "I prefer" and "For me". I'm not saying that everyone should use BSD, only why for me its preferable on server systems.
And I have used Debian before (try installing it on an ibook!), but my preference in this area is still with Free/OpenBSD. =)
I prefer to use BSD (Free* or Open*) as servers, as opposed to Linux.
Why?
If you've ever installed a Linux distribution, you will immediately note the number of third-party libraries and applications installed on a 'base' system. This is frustrating for me, because for the most part I may not want all those extra applications installed, because it clutters up the system, and there may be various vulnerabilities present that I'll be open to.
Instead I prefer to use BSD in these situations, because when you install the operating system, everything with a few choice exceptions (ie, gcc, apache, less) everything is part of the BSD operating system, no third party apps are installed unless you choose to at install time.
So when I install a BSD server, its clean from the get go. If I want bash, I have to install the package. This way I get control over what is on my system, and spend far less time adding what I want, instead of removing what I don't want (in the case of a Linux distro).
I use MacOS X laptop, which is the vision for what I always wanted my linux desktop systems to be. I can play DVD's, get sound working, simple updates, bash, gcc, ircII, web browsers which don't have problems on most sites, beautiful MP3 application, mail, etc.
For me, I don't even bother with Linux except for testing program portability, or for wireless lan-related applications (airsnort).
Check out Electronic Frontiers Australia, our equivalent to the EFF.
I'm a longtime Australian resident, and have been saddened to see more kowtowing to our 'big brother', the United States, instead of seeking out our own identity and place in the global marketplace.
This possible DMCA "adoption" is another example of us bending over backwards to please our economic partners.
I had high hopes for us when our Australian Competition & Consumer Commission (ACCC) started defending our rights against DVD region encoding. Looks like we need to do more campaigning to wake the public up before this new movement gets too far.
I think one of the problem's that will be faced when moving to IPv6 is troubleshooting connectivity between legacy IPv4 networks and newer IPv6 networks. As someone who works with firewalls daily, I can tell you troubleshooting applications (proxies, backup clients), network devices (routers, layer-4 switches) and firewalls is a nightmare with IPv4. I can't begin to imagine the horror of having to include IPv6 into the fray.
Until I see network engineers who know how to reliably debug traffic flowing across their routers and application implementors who actually know how their application's protocols work, I know that I'll be very very afraid to recommend IPv6 (simply from a troubleshooting perspective).
Since troubleshooting is often the majority of a network engineers/firewall admins role, I see this as a major impediment to moving to IPv6.
-h
This is as stupid as punishing those responsible for roads/etc infrastructure because of drug smuggling.
As a napster user (when it was open), I remember downloading lots of music that I had heard about from friends. If I liked the tunes I downloaded more from the artist/group. I then generally bought the CD sometime later - because I knew what I was going to get before I payed.
From memory, albums I bought included:
* Moby
* Robert Miles
* Garbage
(probably about five more that I can't recall).
The lesson here is that if as a consumer, I get to really try before I buy - and like what I'm evaluating - then I'm increasingly likely to purchase the item. I can't remember how many dodgy computer games I've purchased that have ended up never being touched beyond the first night - simply because I didn't know what I was getting beyond the marketing spiel.
-h
If you're a tech worker then you most probably have your visa/credit card, and have a decent balance on it. When I am looking for a particular piece of software and it turns out to be shareware, if the company actually has a decent online payment system (credit-card or paypal), then I usually pay up.
However I only pay if the application is such that you have noticeably restricted options in shareware mode, for example, an avi player for macos x. I don't think anyone I know has ever payed for winzip, which has no major constraints in shareware mode.
As I said above, the other issue comes down to how easy it is for me as the user to pay for the software. If the company/programmer hasn't got a suitable, easy payment system - then it becomes too much effort to register and pay, and it doesn't happen.
-h
Oops. I think that paper was from Paul Graham, not Peter Norvig.
I've dabbled with different programming languages, and profess to be adequate at C, Perl and Bash (does shell programming count?). A few months ago I looked into Lisp, excited after reading a paper by Peter Norvig that talked about "powerful languages" and how some languages were inherently more powerful than others (he argued why he thought Lisp was one of the best).
So I bought a book on Lisp (ANSI Common Lisp), downloaded the Clisp implementation, and started playing around.
One of the first things I noticed (in its absence) was the lack of supporting libraries. Where were the libraries for socket programming, text processing, cryptography, etc? After some searching it was possible to locate some TCP/IP libraries (their lisp equivalents), but they didn't appear as solid as I would've hoped for.
Sidenote: I'm not saying they sucked, but the fact that you had to search for third party support of what I considered fundamental requirements of a language (at least for what I would've been using it for) was annoying.
The above issue, combined with the apparent esoteric nature of Lisp drove me towards Python instead.
A person like myself uses programming languages to accomplish tasks. I want to be able to do this quickly (rapid development) with minimal learning curve required. Languages such as Perl and Python are great for this kind of work. They've got a large community supporting it, socket and text processing operations are natively supported.
Few people are going to use Lisp when it takes a lot less effort to do the equivalent in another language, regardless of its "power". Lisp may have a place for specialised applications, but at least for internet-related apps, it will not be most people's first choice.
Cheers,
H-
As a security admin for an international firm, we're currently engaged in enhancing logging on our Unix servers. As a first stage, we're ensuring that all system messages with a facility level of AUTH are getting locally logged and also sent out to a dedicated logging server. To address legal issues, all system's MOTD's explicitly state "You will be monitored, you have been warned." Future stages will include migrating to one of the enhanced system logging daemons that thankfully use TCP and encryption for sending logs to remote systems. Anyone else rolled out a system logging architecture at an enterprise level? How'd you go about it? -harikiri