Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Linux Server


  • Please log in to reply
7 replies to this topic

#1 spearball

spearball

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:01:15 AM

Posted 08 October 2007 - 12:05 AM

What linux distro out there (one that is free or open source) is the best and safest for me to put on an opteron server here for my network. The server will act as a dns server/router/firewall. I tried the ubuntu server edition but it doesn't seem to have a gui and i really can't get around in linux without a gui since im more suitable in windows for that.

Thanks

Edited by spearball, 08 October 2007 - 12:11 AM.


BC AdBot (Login to Remove)

 


#2 BlackSpyder

BlackSpyder

    Bleeping Big Rig


  • BC Advisor
  • 2,456 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Huddleston, VA USA (Home Sweet Home)
  • Local time:01:15 AM

Posted 08 October 2007 - 12:33 AM

Most servers are designed to run "headless" (ie: no montior) therefore the GUI is usually left out. My picks for server distros are Fedora and Debian. both are stable as can be but debian ranks alittle higher on my list with its 18 month release cycle compared to Fedoras 6 month release cycle. (Debian=Stable like Pork=Pig).

Dont get me wrong Ubuntu server is great and if its still installed you can use it with a GUI by running only one command and then rebooting

That command is
sudoapt-get install gnome
for GNOME desktop (Windows2000 style)
-or-
sudo apt-get install kde
for the KDE desktop (Windows XP style)
-or-
sudo apt-get install xfce4
for a lighter version of GNOME (Its base on the GTK environment versus the GTK2 environment GNOME uses)

there are a few other desktops reaily available for Ubuntu like blackbox and fluxbox (which adhere to the Windows 3.1 Window Management style) if you would like the commands to install one of them I will be happy to oblige.

Posted Image




#3 spearball

spearball
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:01:15 AM

Posted 08 October 2007 - 10:03 AM

Thanks i'll try out debian then. So if i understood this correctly, every linux distro can be run in text mode which uses less resources and logically gives better stability? Most server distos start out in text mode by default for optimal performance. Is this correct?

#4 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD
  • Local time:11:15 PM

Posted 08 October 2007 - 10:09 AM

I might just mention that having any unnecessary applications running on a server, for whatever reason, presents another potential door for malicious users to get in. In my experience, what usually happens when someone decides they need a gui on their server, then they decide that it needs it's own input devices because they can't use vnc, and then that it is much easier to use Firefox to download necessary updates, etc, etc.

Do what you want, but you will be better off in the long run if you just learn how to do things from a terminal. For some reason, everybody has the idea that using the command line is some skill reserved only for 'leet hackers. There is nothing difficult about it. You are going to have to learn how to use the command line anyway. I can't see how it can possibly be avoided.

Most server distos start out in text mode by default for optimal performance

No. Many distros start out in text mode because the display drivers have not yet been installed, or the drivers may not even be included in the distribution package. The only performance gains are going to come from not having the overhead of a graphical environment. There is no way that a single distro can know how to 'optimize' the computer on which it is being installed giving the potentially infinite variety of hardware available.

#5 spearball

spearball
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:01:15 AM

Posted 08 October 2007 - 10:21 AM

Thanks groovicus. One last thing..... You say that having unnecessary applications running presents potential doors for malicious users to get in. Is it possible to disable everything you dont need and then disable the gui so only the programs you need are running?

#6 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD
  • Local time:11:15 PM

Posted 08 October 2007 - 10:49 AM

Server distributions are set up (or should be set up) so only the needed services are running. Yes, you could manually enable the gui, and then manually disable the gui, but then you are constantly editing config files. The temptation after a while would be to just leave it running. Altering a server distro in any way is just a bad idea, unless you know linux inside and out, and then know the distro inside and out. Gnome is not just a stand-alone application, there are other applications attached to it. Each of those applications has a cascade effect of adding files, changing permissions, altering configuration files, etc.

Once a server is set up, there should not be that much to do. Ssh, cp, mv, less, nano (or vi), and maybe a handful of other commands are all you need. Again, do what you want: I am just of the opinion that since I don't know enough about how a distro is put together, then I can't possibly keep it secure. If I can't keep it secure, then there isn't much sense in me running it in the first place. I am also of the opinion that tools are meant to be used in the way which they were intended, so if I am going to use those tools, then I need to learn how to use them properly, otherwise there is no sense in me using them. After I understand how things work and their capabilities, then I can alter them.

If you merely want a server to host some web pages for friends, then it isn't such a big deal to re-image the server when it gets hacked. A real production server is a different problem because money is on the line when the server is down.

#7 spearball

spearball
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:01:15 AM

Posted 08 October 2007 - 04:16 PM

Hey thanks a lot man i just picked out fedora and its great so far. Im just a little lost how to setup the network firewall. Does it come with one already? Is there anything for linux like kerio winroute for windows which comes with vpn, network firewall and web filter?

#8 groovicus

groovicus

  • Security Colleague
  • 9,963 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Centerville, SD
  • Local time:11:15 PM

Posted 08 October 2007 - 05:23 PM

Since you chose Fedora, your best bet is going to be to go to a forum that supports Fedora. I have no idea what is packaged with Fedora, so I can't help.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users