Help on chosing OS

Lou Kamenov lou.kamenov at aeye-web.com
Mon Nov 11 11:32:37 GMT 2002


In some email I received from "Chris Rodgers"
<freebsd-uk at rodgers.org.uk> on Mon, 11 Nov 2002 09:08:13 -0000 :
> Either FreeBSD or Linux will do all this easily.
> 
> In FreeBSD, you'd need.
> 
> RELEASE 4.7 (download from www.freebsd.org or buy it on CDRom)

This one will be quite closer:

ftp.plig.org/pub/FreeBSD/releases/i386/ISO-IMAGES/4.7
[ ftp.plig.org == ftp.uk.freebsd.org ] 
 
> All the software below is part of the "ports collection" in /usr/ports
> (if you choose to install it).
> 
> You just cd /usr/ports/net/apache (or whatever) and then "make && make
> install". It will download and build everything. Alternatively, if you
> have the other CDs in the FreeBSD set, you can use pkg_add to install
> binary packages for these applications without having to wait for
> everything to compile.
update your ports collection before doing something like this. [
recommended] 

cd /usr/ports/*/cvsup-without-gui/ && make && make install 
[ make sure that you are connected to the internet before doing
something like this ]
cp /etc/defaults/make.conf /etc/make.conf
edit make.conf and set right values, especially the CVSup part
then,
cd /usr/ports && make update.

after that follow the apache install.
cd /usr/ports/www/apache13 && make && make install
[ i recommend 1.x ]
though 
if you need apache with SSL
take a look at /usr/ports/www/apache13-modssl.

> I recommend Courier-Imap from the ports collection for the e-mail
> users. You may need to use fetchmail to get the e-mail from an ISP.
> Sendmail is included as standard.

Sendmail conf file would be a hell for a newbie
Try qmail it`s much more simple, stable & secure.
Also it has it own POP3 server.
If you go with Qmail with Maildirs, consider using getmail
(/usr/ports/*/getmail) to download any email from you ISP.

www.flounder.net/qmail/qmail-howto.html
www.lifewithqmail.org/lwq.html
Please read all carefully.

> WEB proxy --> squid or mod_proxy with apache (see below).
right. or consider using transperant proxy to you squid server.

> Firewall --> IPFilter or IPFW (built into FreeBSD) (search google for
> appropriate rules)

Both of them are really good. I personally prefer IPF.
http://www.obfuscation.org/ipf/ipf-howto.txt
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls.html

 
> Hosting your site:
> 
> it's not really recommended under any OS to host your website off your
> proxy/ firewall machine because of the risk of getting your private
> network broken into if the web server is hacked. However, it is easy
> to do under both freebsd and linux. Think Apache (and built in ftpd).

Not exaclty, this would apply for bastion host or any firewall box,
consider this server as a small business solution.

[ Email system/Web Proxy/NAT/Filter/Web Server ]

For FTP server try /usr/ports/ftp/proftpd.

cheers,
-lk



----
Network Infrastructure/Security Analyst
Lou Kamenov    lou.kamenov at aeye.net	lou.kamenov at aeye-web.com
AEYE R&D - http://www.aeye.net AEYE Commercial - http://www.aeye-web.com
phone: +44 (0) 20 89469546 fax: +44 (0) 7092 129079
mobile: +44 (0) 7905 514036 PGP Key ID - 0xA297084A

AEYE(=AI) stands for Artificial Intelligence.




More information about the Ukfreebsd mailing list