mia said:hello friends,
I need super secure OS for my server - When I open my IP in browser My server has to send me words "hello world" only. I don't need any additional services and open ports. It should be the most secure and bullet-proof.
Is freeBSD right for me? thanks
There is no such thing called secure os. This is your first lesson. I suggest you start with this thread (especially read last General security tips part):I need super secure OS for my server
mia said:Rocky, thank you for your answer. You are right I know I could destroy OS safety with wrong configuration.
but the question is the same: Is freeBSD secure enough for this purpose (when I disable all unused services and ports)?
Or should I use some linux distro?
vivek said:There is no such thing called secure os. This is your first lesson.
Any os can be cracked including OpenBSD / FreeBSD / Windows / OS X and so on.
vivek said:There is no such thing called secure os. This is your first lesson. I suggest you start with this thread (especially read last General security tips part):
http://forums.freebsd.org/showthread.php?t=4108
Any os can be cracked including OpenBSD / FreeBSD / Windows / OS X and so on. However, continues server monitoring, patching, running only required software, offsite backups, host & firewall security, IPS, IDS, and minimal default privilege for each service ensures security. You just can't configure server security once and forget it. It needs some sort of automated / manual monitoring system.
As a new freebsd use, you should start configuring server locally inside VMware, virtual box or jails. This way you can learn and break stuff without getting into any serious trouble. Once you understood security and FreeBSD, start managing real box.
Good luck!
last message repeated 3 times
May 31 00:08:07 P3 pure-ftpd: (?@211.63.60.6) [WARNING] Authentication failed for user [jennifer]
May 31 00:08:27 P3 pure-ftpd: (?@211.63.60.6) [ERROR] Too many authentication failures
May 31 00:08:35 P3 pure-ftpd: (?@211.63.60.6) [WARNING] Authentication failed for user [jennifer]
May 31 00:09:08 P3 last message repeated 3 times
May 31 00:09:24 P3 pure-ftpd: (?@211.63.60.6) [WARNING] Authentication failed for user [jennifer]
May 31 00:09:43 P3 pure-ftpd: (?@211.63.60.6) [ERROR] Too many authentication failures
May 31 00:09:48 P3 pure-ftpd: (?@211.63.60.6) [WARNING] Authentication failed for user [jennifer]
May 31 00:10:07 P3 last message repeated 2 times
May 31 00:10:23 P3 pure-ftpd: (?@211.63.60.6) [WARNING] Authentication failed for user [karl]
May 31 00:10:39 P3 pure-ftpd: (?@211.63.60.6) [WARNING] Authentication failed for user [karl]
fronclynne said:Well, a system on a z80 booting from ROM that ran only enough networking to run only enough of a webserver to spit out the words "hello sexy world" could be made pretty secure. I mean, you can't crack what doesn't exist.
MG said:Why make it so difficult. I'm running FreeBSD server software for years now, just for fun. I never really cared for security.
killasmurf86 said:Lol, linux is not as secure as BSD. lol lol
OpenBSD is most secure system by default.....
But It can be configured to be as secure as windows (lol, not secure at all)
oliverh said:You can even use Windows and get is as secure as every other operating system. It depends on your experience and some operating system has got the better "basement".
vivek said:Actually oliverh is right, if you know how to harden Windows XP or 2003 server, it can be secure os. Couple of large site (apart from Microsoft's own properties) such as Intel, Dell and many eCom site runs on Windows server. The main problem is stupid userbase here who clicks on any link that promises semi-nude photos / video and are willing to exchange passwords for chocolates.
However, most UNIX / Linux / BSD users are smart and geeks. They know more about computers and operating systems. Many have college degree in CS / Security / Networking etc.
Indeed. The soekris stuff looks like a good way to start moving small, and it seems to run freebsd.vivek said:To op: z80 ( http://en.wikipedia.org/wiki/Zilog_Z80 ). I highly doubt that you wanna start with this kind of embedded stuff.