_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-
			Hackers Information Report 9
			 Network-Tuned OS Overview
				 By Axon
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-

	Recently, I've been messing with different Operating Systems.  As
many people have, I've had my usual Windows 95 experience, and those of us
who have been around a while have had our fun with MS (or IBM, Free, Dr)
DOS.  I found Linux, and was instantly lured by its stability, speed and
lack of hardware requirements (I've been able to run it on some pretty
minimal systems with good results).  Converting directly from "the OTHER,
unstable and proprietary operating system" to Linux got me really
thinking about what a difference the Operating system makes to
performance.

I'm sorry, but I want an operating system with Services!  Back in the days
of Windows 95, I would try all sorts of software that added "servers" to
the system.  I loved them, but they crashed often.  Windows 95 was NOT
intended to run as a machine with open services.  Being an Information
Technology Major, I have to take classes that deal with network servers,
and these classes break into three tracks.  Students MUST take at least
the "introductory level" class in two of the tracks, and then take the
"advanced" class in one of those, in order to get the degree.  The Three
tracks are "Windows NT" (NT4), "UNIX" (Solaris), and "Netware" (Whatver
version came out this week.  The netware class actually changed what
version of Netware they were using halfway through the course due to a new
version coming out...scary).

I'm not touching netware now.  I might later, but netware isn't really a
contender for the "Internet Services" networks, and is more tuned for File
and Print sharing.  So, UNIX and NT it is (as far as my degree's concerned)

The UNIX class isn't ever full enough so they keep postponing it, so I
haven't had a chance to play with Solaris yet.  This semester looks
promising, as the class actually filled up completely, and I'm one of the
lucky ones who got in.  At defcon, I was exposed to FreeBSD, and decided
to give it a try.  It's TRULY different than Linux.  Little differences
will be pointed out later in this article.

I hope to eventually try almost all of the major OS's for the Intel (x86)
platform, although I know I can't possibly mess with EVERY little obscure
OS that was written for x86.  I decided I would do this study on just a
few of the OS's that were tuned towards being "Servers".  The system I am
using for this experiment is a Second Generation Classis Pentium system,
running at 120 MHz, not overclocked.  It's got 64 Megs of RAM.  The
Operating systems were placed on Wetern Digital Caviar 22000 (2.0 Gig) 
Drives, placed inside Removeable Cartridges that slide into a Bay
Receptacle inside the system.  

	As you can see, I took time to make sure all the OS's had a fair
chance at proving how well they hold their own on a system.  I chose the
P120 because it's pretty much a "Generic" machine.  It's pretty stripped
down, having only the hard drive, a 12x IDE CD-Rom Drive, and a 3com
Etherlink III (3c509) NIC, and of course the floppy drive.  I figured this
type of machine would be powerful enough to run all the OS's I wanted to
try.

Here are the contestants:

_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-
OS					Reason I tried it
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_		-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-
Linux (RedHat 5.2) with updates		I'm most familiar with RedHat
FreeBSD 2.2.8 FTP install		Recognized for security/stability
FreeBSD 3.1 from CD-ROM			Test the diffs between versions
Windows NT4 Server, SP4			You think the whole world uses a
					REAL OS?
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-

What really got me thinking about this "contest" was the fact that I am
basically being *FORCED* to take a class on Windows NT4 Administration.
I knew it was more power-hungry and less stable than any UNIX will ever
be, but I wanted to know HOW they all stacked up... so here is where I
tried.

The Following Categories are addressed here:

I.	Boot-up time in seconds
II.	Features that differentiate each OS
III.	"Processing Power" on a relative scale put together by Axon
IV.	Ease of administration, Things that make administration easier
V.	Woes of administration
VI.	"Out of the box" security
VII.	Software installation
IIX.	From the user's standpoint
IX.	Ease of cross-platform network integration
X.	Closing Notes
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-

I.	Boot-up time in seconds

	Granted, this may not be a "totally fair" method of testing boot-
	up time, as there may be more stuff running on one OS than the
	others.  This isn't meant to be some sort of judging scale, just
	an estimate of about how long a "server-ized, yet close to
	default" install will take to boot to a login screen.

		Redhat:	 109 Seconds
		FBSD228: 117 Seconds
		FBSD31:	  99 Seconds
		NT4SP4:	 138 Seconds

_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-

II.	Run-of-the-mill features that differentiate each OS

	RH52:	Setup is a breeze.  If there was ever such a thing as a
		"fool proof" Linux install, this would probably go up
		there.  It's well documented in the manual, however the
		startup screen never mentions that the manual is on CD, or
		where it can be found.  It just says "if you have this
		manual read the section on `foo' before fooing".  Initial
		setup is basically a "one size fits all" kernel that is
		slower than a custom-compiled one, but it usually gets the
		job done nicely.  Linux has tons of freely-available
		software, and a long list of supported hardware makes this 
		a REALLY robust Operating system.

	FBSD:	FreeBSD has an interesting package management system
		that can keep track of your files, and upgrade packages
		nicely.  Not quite as friendly as RedHat's RPM, but 
		it does its job nicely.	Both FreeBSD Versions I tried had
		one thing that I loved at first sight: "Ports".  This is a
		selling point of FreeBSD.  It has a very unique build 
		environment in /usr/ports that breaks ported software down
		into sections such as "security", "shells", "x11-wm"
		(WindowManagers), etc.  Then each specific ported program
		has a directory of its own.  There is NO source code by
		default in any of the program build directories.  You just 
		type "make install", and it fetches the tarball, applies 
		some patches to make it work with FreeBSD, configures the
		Makefile, compiles, and installs.  Like that!  Down-side:
		installing ports can be tedious on a slow-compiling 
		machine or if your bandwidth sucks.  On a more positive
		note: The stuff is compiled on your system, works great,
		and "make deinstall" is cool!  There is quite a bit for
		Free Software out that works with FreeBSD, but Hardware 
		support and major program support lacks behind Linux so far.
		FreeBSD has an amazing feel of stability, form, and
		function while using it.

	NT40:	While not being quite the heavy hitters the more UNIX-ish
		OS's were on the lower-end test system, it's a cinch to
		admin.  It's somewhat difficult to navigate all the
		strange menus to do all your sysadmin work, but after
		using it for a while, you learn where stuff is.  This is
		a good Server OS for file sharing and the like on a
		Windows network if you need an easier-to-maintain server.
		NT can be made to handle modem-dialup connections and
		establish PPP/TCP-IP/IPX connections over the modem, just
		like the UNIX-type OS's.  Full remote program execution
		is limited, however NT can act as a "terminal server",
		where terminals (Network Computers) feed off the NT box.
		Software that adds other fun server functionalities is
		widely available, but most of it is commercial (expensive).

_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-

III.	"Processing Power" on a relative scale put together by Axon

	FBSD:	FreeBSD 3.1 came in first as far as using the default
		kernel setup.  It runs more things at once smoother than
		any of the other OS's tested.  FreeBSD 2.2.8 came in a
		close second.  This is truly a "Pocket Rocket" OS.

	RH52:	While RedHat Linux really screams on the P120, (compared
		to other OS's), it was outperformed by Both FreeBSD's.
		One must compare need for hardware/software support before
		choosing FreeBSD or Linux.  It WAY outperforms DOS and
		Windows 95 (which aren't part of this article).  It easily
		roasts NT4.0 when it comes to processing power.

	NT40:	Bogged down, but useable.  The UI was kind of choppy and
		crufty on our little 120 MHz box.

_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-

IV.	Ease of administration, Things that make administration easier

	NT40:	By far, the winner of the "ease of administration" award.
		If it is possible to sit a monkey at a server to keep it
		alive, this is the OS that I would choose.  Graphical
		menus and help systems make it so that anyone can keep the
		box alive after 2 weeks of experimenting with it. 

	RH52	Redhat is controversial throughout the Linux world.  Some
		people argue that it's "Too MS-ish".  Redhat comes loaded
		with goodies.  It's been built around administrative tools
		that require X-Window System.  These admin tools are kinda
		MS-ish, but they get the job done.  It would definitely
		take longer for someone to learn and get comfortable
		administrating a RedHat box, but the admin tools are good
		for the beginners.  I like the fact that I can edit the
		config files with vi, and get the same results without
		a GUI front-end program.  There are even front-end
		programs to help you select kernel options before you re-
		compile your kernel.

	FBSD	FreeBSD 2.2.8 is next in line. There is the added bonus
		that there are less config files than Linux, and the
		config files are larger, and control more aspects of the
		system, resulting in more centralized control of the OS.
		FreeBSD 3.1 comes in dead last, but not far behind FreeBSD
		2.2.8.  This is due to even MORE options for the kernel and
		config files.  FreeBSD's package management will not only 
		fetch the latest versions of the software you try to
		install, but will also self-grab/install any other
		programs or libraries that the program needs (Known as
		dependencies), resulting in an install-and-go package
		installation.  The FreeBSD project has done a really
		good job on their "FreeBSD Handbook" which, when I printed
		it, took up a whole 3-inch ring binder.

_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-

V.	Woes of administration

	NT40	It does take real skills and knowledge to use the
		advanced aspects of NT, including security.  Learning
		the menu structures is a pain, and I still get lost now
		and again when going on a clicking rampage.  Any powerful
		remote administration abilities are non-existant without
		outside Third-party programs such as VNC (See HiR7,
		article 6).

	RH52	The graphical admin tools can also be just as confusing
		as Windows NT's stuff.  Also, RPM (Redhat Package Manager,
		used for installing programs) makes the Admin get any
		dependent libraries or programs and install them
		separately.

	FBSD	Administration's just difficult! FreeBSD totally
		sacrifices user-friendliness for speed and stability.  
		There's not really a good administration tool.  Anything
		you can set during the installation process can be changed
		with the "sysinstall" tool, but that's about it.  Anything
		else must be edited in the config files by hand.  Kernel
		compile options are read from, you guessed it, a config
		text file that you have to edit by hand, and documented
		lines in the default config file are scarce.  To really
		tap the power of the kernel, you have to access the
		FreeBSD Handbook and see what it has to say.  Kernel
		options are documented well in there.

_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-

VI.	"Out of the box" security

	FBSD	FreeBSD 2.2.8 wins out on being most secure out of the box.
		FreeBSD 3.1 came in second.  FreeBSD just doesn't care
		about user friendliness.  Bost FreeBSD 2.2.8 and 3.1 came
		stock with a system known as S/Key, a one-time password
		system.  All you had to do is run a keyinit program for
		each user that you want to be authenticated in this
		manner.  I found no vulnerabilities in 2.2.8 and in
		FreeBSD 3.1, there was only the Free86 vulnerability out
		of the box, and it was easily fixed.

	RH52	Out of the box, not horribly secure.  Redhat 5.2 shipped
		with a lot of little holes, but they were simple to fix
		with the RPM files from RedHat's site.

	NT40	Okay... Just NT4.0 with no service packs... it's scary,
		and easily exploitable.  I upgraded to SP4, and it still
		had some unresolved issues, all the way to allowing a user
		to add him/her self to the local machine's Administrators
		group.  This is a VERY bad thing, and the exploits are as
		simple as running a program.  Point. Click. Admin!

_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-

VII.	Software installation

	This is REALLY a personal-preference deal.  You'll see.

	FBSD	Both 3.1 and 2.2.8 are the same here.  Ease of software
		installation is a plus, but it's slow, because it usually
		involves compiling the program.  It's really a "start
		installing and switch to another console" situation.  No
		questions asked, and if it needs another program, it goes
		and gets it without complaining.

	RH52	RPM (as I said before) will install a binary package in
		a hurry.  The problem is that IF it needs another program,
		it requires user interaction to go and get it.  Oh well.
		Not quite as easy as FreeBSD.  Not all Linux Distributions
		use "RPM".  Debian GNU/Linux uses a different packaging
		tool that DOES go-fetch the other packages.

	NT40	If clicking around menus and asking if/where to install
		stuff is for you, then I guess NT is the OS of champions.
		Otherwise, I consider it bothersome and time-consuming.

_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-

IIX.	From the user's standpoint

	NT40	Clicky, clicky!  This is by far the easiest OS for the end
		users to adapt to.  This technology dates back to when
		cavemen pointed to objects with sticks (equivalent to the
		mouse) and made grunting noises (equivalent to clicking
		mouse buttons).  It's almost natural, or something.
		Unfortunately, this method of machine interaction requires
		the computer to do extra work determining what the user is
		trying to do, and drawing pretty pictures on the screen to
		ensure that even the most idiotic user knows what's going
		on.

	RH52	Don't get me wrong, UNIX systems have Graphical User
		Interfaces, too.  They just aren't as friendly, and the 
		user still needs to know how to use a keyboard for some
		practical applications and file manipulation.  Redhat 
		has tried to make the X window system more friendly, but
		they haven't gone as far as MS has (yet).

	FBSD	FreeBSD 2.2.8 and 3.1 are both the same here, as well.
		There aren't as many cool user-geared graphical things
		distributed with them.  There are a few, but not as many
		as there are for linux.  This would be the hardest OS for
		an end-user to get used to.

_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-

IX.	Ease of cross-platform network integration

	RH52	RedHat made sure they packed their distribution of Linux
		chock full of networking abilities by default.  Redhat can
		do Apple Talk, TCP/IP, Netware, and over TCP/IP it can act
		like a Windows NT file/print server, as well as utilizing
		resources on an NT Network.  Usually, the protocols can be
		set into action without so much as a reboot.

	FBSD	FreeBSD can integrate with any network that Linux can, but
		it's a little more difficult to implement.

	NT40	NT can handle most of the protocols, but I don't think
		that it does appletalk by default.  Windows 2000 adds this
		ability, but only as an AppleTalk SERVER.  It can't browse
		resources on an appletalk network.
_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-

X. Closing Notes

Really, it's hard to tell "what's the better OS here?".  That is totally
based on application of the server.  This article was not designed to
flaunt one OS over another (okay... just a little), but you probably see
some definite pros and cons to each OS.  This is meant to be a "Guiding
Light", so that you know what will be the wise choice.  I do not promote
OS bashing too much.  Each Operating system is good and bad in it's own
ways.  100% "BAD" operating systems hat have nothing to offer over other
operating systems quickly disappear or become scarce in the world (ahem,
OS/2?, CP/M? what???).  You get my picture.

I'm outta here.  Happy serverizing, guys!

--Axon
