Skip to main content
Welcome guest. | Register | Login | Post

Linux Server

10 replies [Last post]
Offline
Joined: 2007-04-10

Hi!

We are trying to set-up a real server. It'll function mainly as a database and file server for 60+ computers. It might also moonlight as a web server. We have NT but will use Linux for this due to licensing costs (and might retire the NT entirely).

What's the best server GNU/linux for our needs (free versions please) or are they all similar?

a thing's picture
Offline
Joined: 2005-12-20
any distro

Any distro can be a server. Some distros though are especially designed to be optimal/easier-to-use for servers though (like installing only server software by default and providing configuration utilities (so you don't have to manually edit configuration files)).

Personally I use Fedora on my server. It has a bit of an emphasis on security (although that's not the major point of the distro) and is easy-to-use (or easy-to-setup rather, since I don't interact with my server much),

Offline
Joined: 2006-03-28
I'd recommend either Debian

I'd recommend either Debian or EnGarde Secure Linux here.
For EnGarde you have to register online to get an activation-code, but the community-edition is totally free. Also it's pretty cool to use and setup with it's web-interface.
On Debian you can have a lot of stuff, including X. EnGarde might bringt some newer versions (I guess, didn't check version-numbers of Debian 4 yet, but I think it'll be a few minors down) and has this really cool web-interface, but no X at all.

Debian of course is an old-timer and well known to be a good server.

Anyway, if you like you can also use Suse or any other distro as server.

Offline
Joined: 2007-04-10
Thanks. I did some readings

Thanks. I did some readings on Fedora and Debian since they're popular server distros although I was not sure if they'll fit our purposes. EnGarde is a new one for me and the screenshots looks good. Have read more on it.

Offline
Joined: 2007-04-14
Definitely debian off the

Definitely debian off the top of my head...from what I've seen on sites like Netcraft it's pretty popular...which could also be bad as people would try and hack into the system...but I feel it's the best choice.

dylunio's picture
Offline
Joined: 2005-12-20
reply
cesc wrote:

which could also be bad as people would try and hack into the system...

What is the lodgic behind this? Debian GNU/Linux is very stable and quite secure, especially so if you set it up right, so why would more people want to try and gain unortherised access to it than any other operating system?

tbuitenh's picture
Offline
Joined: 2005-12-21
Security by obscurity

Security by obscurity doesn't work. The most secure systems fit this profile:

- widely used and not too new ( = lots of "testing" in practice)
- Free (that is, open source) ( = available maximum number of people who could verify if it is indeed secure)
- not written in a hurry
- designed by people who at least know a bit about security

Debian stable matches all 4. (and there's OpenBSD for the paranoid)

Offline
Joined: 2006-03-28
Security by obscurity
tbuitenh wrote:

Security by obscurity doesn't work.

Well, lets say alone it won't work. It can be part of a security-strategy, but it cannot be the main part of it. Hiding a few details (like which version of Apache and PHP are running) won't do any harm and might make some script-kiddies back off when they see can't easily see the used versions match some of their ready to use exploits, regardless that these versions still might be patched against known issues.

tbuitenh's picture
Offline
Joined: 2005-12-21
Ok, let me rephrase that:

Ok, let me rephrase that: security by obscurity, in its form of using software nobody ever heard about, doesn't work, and especially not for servers. Someone with google and enough time can almost always figure out what software your server is running, and how to crack it. Or, with some bad luck, your obscure software sucks so much one doesn't even need to google to find a way to crack it.

It's better to use popular software that is known to be hard to crack than it is to use unpopular software and pray nobody will figure out what it is and google for the cracks that will exist for sure.

It's true that hiding information that is nobody's business anyway, such as software name and version, is a good idea.

libervisco's picture
Offline
Joined: 2006-05-04
I think cesc means that the

I think cesc means that the more popular it is the more likely it will be targetted which does make some sense. But as you guys pointed out, when software is Free Software and the source code is out in the open, popularity actually helps make the system even more secure. So sure, kiddies and bad boys can try to crack it, but the majority behind the system can't be easily competed with, so exploits are unlikely to happen. Holes can be closed before anyone manages to exploit them.

But when a single and complex corporate entity is the only one able to plug those holes, they can try to be faster than the bad boys, but we've seen they don't usually succeed at it.

Offline
Joined: 2007-04-10
More popular, more security