Organizations that want to use a public Unix variant have two
solutions from which to chose: Linux and BSD. The much talked about
Linux camp contains a variety of distributions that include different
utilities and tool sets. The same is true of the less frequently
covered BSD camp. This article compares and contrasts the four main
BSD variants and offers recommendations for both server- and desktop-
based solutions.
BSD History
There are four main BSD variants. Three of these (FreeBSD, OpenBSD,
and NetBSD) are totally free; the fourth (Mac OS X) is technically
the core part of an operating system that most wouldn't even consider
a BSD variant. To understand the differences between the various
versions, let's briefly recap the history of BSD to understand how
the different versions have developed.
Today's BSD variants are open source versions of the original AT&T
Unix operating system. In fact, they all come from the Unix developed
at the University of California Berkeley, and BSD is actually short
for Berkeley Software Distribution. A significant part of the
original BSD code was based on the AT&T Unix code, which wasn't free.
Through efforts on the part of a few key members of the original BSD
development team, such as William F. Jolitz, the final parts of the
code were developed under an open source license and produced 386BSD.
In 1993, 386BSD was forked into two of the main versions we know
today: NetBSD and FreeBSD. They were formed with different aims and
goals. Not surprisingly, each has its own history. OpenBSD, the third
variant, arrived in 1996 and was developed specifically to address
some of the security concerns in the other variants.
The BSD incorporated into Mac OS X is known as Darwin. It is
available as a completely separate component. Darwin itself is
derived from the BSD layer of the NextStep operating system,
developed by NeXT, the company set up by Steve Jobs after he left
Apple in the 1980s. Technically, Mac OS X is based on the FreeBSD
core, with OS X 10.3 based on FreeBSD 5.x. It is, however, extremely
customized beyond the base BSD code. The key benefit with Mac OS X is
the Aqua GUI that allows OS X to operate like the original Mac OS
operating system but still have all the benefits and flexibility of
an efficient BSD kernel.
Common Features
Like other Unix variants, the four BSD distros provide similar basic
functionality. All contain the following core components:
Kernel — Pre-emptive, multitasking with job control
Security — The basic log-in and authorization system
Shell Interface — The Bourne, C, Korn, and other third-party shells
Networking — Adherence to the TCP|UDP/IP standard and support for all
the base protocols (e.g., finger, telnet, NFS, and FTP)
Third-Party Networking — Support for Apache, Mac file sharing
(through NetAt), and Windows file sharing (through Samba)
Base Utilities — Rich, built-in utility list, including awk, cut,
paste, sed, and ed
In addition, because it is a Unix-like operating system, most of the
other tools, utilities, and systems, such as Perl, Python, Apache,
MySQL, PostGreSQL, Java, C/C++, work with BSD. However, because it is
a less popular Unix alternative than Linux, fewer prepackaged
applications are available. Some BSD variants do come with a Linux
compatibility package, though, that enables them to execute Linux
applications (from the same platform) directly.
BSD systems have a reputation for better reliability than some
alternatives, largely because they are developed with smaller, more
focused development teams. They also boast a more mature code base,
as a significant proportion of the BSD ethos come from the very
earliest forms of Unix.
So with all these similarities, how does one differentiate the
various versions and choose which to deploy?
FreeBSD
FreeBSD came to be one of the most popular BSD revisions after its
early release through Walnut Creek CD-ROM, an early pioneer in
distributing free and open source software on CD before the explosion
of the Internet. Its primary platform is the x86 PC, including the
current AMD and Intel 64-bit variants, though it also has a presence
on Sun's SPARC platform.
The main focus for FreeBSD is performance, particularly of the TCP/IP
stack with a number of companies, including Yahoo, using FreeBSD as
an Internet server platform. FreeBSD holds the unofficial record for
transferring data, having achieved more than 2 Terabytes of data from
one server running the OS. It follows from this statistic that
FreeBSD is also one of the most stable OSes available.
The developers of FreeBSD put a lot of effort into making the system
as easy to use as possible. Thus, FreeBSD has one of the easiest
installs of all the Unix platforms. Once the system has been
installed, you can easily download, compile, and install additional
packages through the built-in ports system, a third-party solution
that automates the process. The Ports Collection downloads the
necessary files, checks the files for integrity, builds the
application, and then installs the application. This simplifies one
of the most time-consuming aspects of deploying applications to
different computers.
FreeBSD at a Glance
Home Page http://www.freebsd.org/ Platforms i386, Alpha, IA-64, AMD64, and UltraSPARC
Original Release December 1993
Focus High performance computing, ease of use, and stability
NetBSD
NetBSD was released a few months before FreeBSD. Unlike FreeBSD,
which concentrated on the performance and best-quality support for
its main target platform, NetBSD was developed to support as wide a
platform base as possible. It would be difficult to list all
available versions of NetBSD, but it runs on more than 50 platforms,
from mainstream ones, such as x86 and SPARC, to niche products like
Sega's Dreamcast and a number of hobbyist, handheld, and embedded
devices.
This portability gives NetBSD an edge. Although it gives the OS an
air of disparity, the reality is different. The variety of platforms
supported means the code is efficient and secure, with a wide range
of experience that improves the OS as a whole.
The range of support also means NetBSD runs on much more powerful
hardware than is supported by other distributions. Higher-end
dedicated Unix workstations from Sun, Hewlett-Packard, and the old
Digital/Compaq Alpha platform can be used with NetBSD to provide all
of the stability and performance of the BSD platform while giving a
new lease of life to older available hardware.
The portability is also a major attraction as a deployment and re-
development choice for those building their own computers, or using
one of the many embedded hardware solutions. This keeps NetBSD as a
popular choice in universities and science labs.
NetBSD at a Glance
Home Page http://www.netbsd.org/ Platforms Just about all
Original Release December 1993
Focus Portability and stability
OpenBSD
OpenBSD was developed by Theo de Raadt after a disagreement over the
future of the NetBSD code. OpenBSD development began by focusing on
producing an incredibly secure OS, and it's an approach that
continues to this day.
Unlike other BSD variants, and most Unix flavors, OpenBSD is
installed with everything but the absolutely essential services
disabled. Users used to having NFS, Telnet, finger, FTP and other
features running out of the box on a Linux installation will find
they have to specifically enable, rather than disable, these services
on OpenBSD. OpenBSD was designed this way to eliminate the
possibility of these 'accidentally' being open and therefore causing
a potential security breach.
OpenBSD also includes a range of built-in cryptography standards,
such as RSA, Blowfish, DES, and full support for the IPSec TCP/IP
security system. Cryptographic support is further enhanced with
support of a number of hardware accelerators, including many of the
third-party PCI cards and support for newer systems, such as the
Random Number Generator and Advanced Encryption Standard built into
the latest VIA C3-series CPUs. OpenBSD is well suited for use in a
network router, firewall, and secure Internet service solution
because of its high level of built-in security and encryption.
OpenBSD's overall security is further enhanced by a strict method of
code testing and auditing. The code has been examined, virtually line
by line, to find potential faults in the system. Thus, gaps in the
OS, both real and potential, are plugged before they can be used and
exploited.
The result — an OS that for years has not had a remote-root exploit
of the type often found on other operating systems.
OpenBSD at a Glance
Home Page http://www.openbsd.org/ Platforms i386, Alpha, AMD64, sparc, sparc64, hp300, hppa, mac68k,
macppc, mvme68k, mvme88k, and vax
Original Release November 1995
Focus Security and code purity
Mac OS X
Darwin, the kernel on which Mac OS X is based, is itself based on the
FreeBSD code with a custom Mac kernel in place of the standard BSD
kernel. Darwin's main focus is to provide the base on which the rest
of the Mac OS X environment runs. Although Darwin is not designed as
an alternative to other BSD offerings, it does have a place in the
BSD space.
Most users logging in remotely to an OS X machine would hardly notice
a difference in the environment if they didn't look around too
closely. The same utilities and environment are available as within a
genuine FreeBSD environment.
The Darwin project is completely open source, Apple makes the system
and source code available online, and changes to the Darwin code are
rolled back into the FreeBSD source tree. Darwin is supported on both
the PowerPC and x86 platforms, which often surprises people.
Where Darwin differs from the three other distros is that it forms
the base of the Mac OS X operating system. A proprietary suite of
tools and a user environment (Aqua) built on top of the Darwin core
provide a user interface not vastly different from the Mac OS 9 and
earlier interfaces for which Apple is famous. It is through Aqua that
the majority of custom and commercial applications, including Adobe
InDesign, Illustrator, and Microsoft Office are made available.
Despite the additional applications and interface options supported
by Aqua and Mac OS X as a whole, underneath, the FreeBSD core is
always available. You can open a shell interface through the Terminal
application; there is support for X Windows System based
applications; and you still have access to Perl, Python, MySQL,
Apache, and any other Unix-compatible tools.
The Darwin core is an open source project, with Apple and members of
the Darwin community enhancing the Darwin code and extending the
operation and functionality of the system. Ultimately, any changes
made in Darwin make their way into other parts of the BSD family.
Apple is also helping to support the BSD community as a whole, so
improvements to the BSD platform flow freely between the Apple and
community camps.
Darwin/OS X at a Glance
Home Page http://developer.apple.com/darwin/ Platforms x86 (Darwin only) and Mac (Darwin+OS X)
Original Release March 1999
Focus Ease of use
Choosing a Desktop Solution
Which flavor of BSD you chose should depend largely on what hardware
the desktop uses. On an Intel- or AMD-based PC, FreeBSD is a stable
and widely supported choice. For older hardware, or hardware that is
not exactly mainstream, NetBSD might be a better solution. NetBSD is
even more suitable for developing and deploying an application on one
of the many embedded solutions, as you can probably use NetBSD on
both platforms.
If you need a Unix environment but also want access to commercial
applications like Microsoft Office, or products from Adobe, Alias,
and others, Mac OS X delivers the best of both worlds. The FreeBSD-
like kernel provides a complete set of standard Unix utilities and
libraries that enable you to use the BSD and OS X elements
simultaneously.
For the record, OS X is my platform of choice. I develop Web
applications using Perl, MySQL, and others while writing articles and
books using Microsoft Word, all on a Power book G4 running OS X.
Choosing a Server Solution
OpenBSD is the obvious choice on the server because of its very high
security principles. With such a safe environment it's easy to deploy
an OpenBSD-based server without worrying too much that the system or
network will be compromised. OpenBSD, in particular, is ideal for use
as a public-side server on the network and for providing firewall and
proxy services between the Internet and an internal network.
For a pure Web server, FreeBSD is also a good choice purely because
of its stability on key hardware platforms like x86. The quality of
the disk drivers and networking stack means exceptionally high levels
of availability. It's also possible to make FreeBSD more secure by
specifically disabling the services you don't need to support.
If you prefer to work within the general security of the BSD
platform, but with a friendlier configuration and management
environment, consider Mac OS X Server. It provides all the benefits
of the FreeBSD platform, with a friendlier front end. OS X Server
provides more extensive support for Apache; file sharing through NFS,
AppleTalk, and Samba; a built-in firewall and VPN; directory services
through OpenLDAP; and audio/video streaming through QuickTime. This
functionality comes pre-configured and ready to use.
All of this comes at a price. Unlike other offerings, OS X Server is
a commercial product. Although Darwin is free, the configuration and
management tools built into OS X Server make it so nice to use
compared to the other BSD options.
All in all, when evaluating a Unix-based OS other than Linux, all of
the BSD variants are equally matched.
---
* Origin: [adminz] tech, security, support (192:168/0.2)
generated by msg2page 0.06 on Jul 21, 2006 at 19:04:05
search: