FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 02-28-2011, 02:48 PM
Jason Hsu
 
Default Your favorite server apps (firewall, DHCP, etc.)

Since I'm looking for a job as a Linux IT consultant, I need a portfolio of favorite server applications - firewall, DHCP server, mail server, print server, etc. Just as I have favorite distros for the desktop (Puppy Linux, Linux Mint, antiX/Swift Linux) and favorite desktop applications (like OpenOffice and Sylpheed), I should have favorite server applications.

I can tell you about one application I don't like: the Firehol firewall program. It's pre-installed in antiX Linux. Every time I boot up or start this program, I get an error message about get-iana.sh. I did a Google search and tried some of the suggestions I found but still couldn't get Firehol working properly. I'd rather use something that doesn't require so much tweaking. I'm looking for an alternative for Swift Linux (www.swiftlinux.org, the distro I started).

I'd like to hear what you use and why. Some of the criteria I'm looking for are:
1. Security: Any client I work for will need a very secure system, ESPECIALLY one that does financial work, does business over the Internet, or has intellectual property.
2. Stability and reliability: Since a downed server affects the whole company and not just one employee, I understand this is of paramount importance as well.
3. Popular: If an application is widely used, then there's more help available, and the more likely the Debian developers are to support it.
4. Consistent from one version to the next: Since I'm obligated to keep everything up-to-date for clients, I want an application that doesn't change that radically from one version to the next. I know better than to expect a smooth upgrade process for even Debian Stable, much less other distros.
5. Well-supported by the Debian developers: I don't want to use a particular application, only to find when I upgrade that it's no longer supported.
6. Easy to use: This criteria is the reason I don't use minimal Debian on the desktop. Of course, I may have to make some sacrifices on this criterion in favor of more of the above.
7. Lightweight operation: I want something reasonably lightweight, but I'm willing to compromise on this criterion in favor of more of the above.

--
Jason Hsu <jhsu802701@jasonhsu.com>


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20110228094849.77f30f45.jhsu802701@jasonhsu.com">h ttp://lists.debian.org/20110228094849.77f30f45.jhsu802701@jasonhsu.com
 
Old 02-28-2011, 03:10 PM
shawn wilson
 
Default Your favorite server apps (firewall, DHCP, etc.)

you're asking pretty broad questions, however...

On Mon, Feb 28, 2011 at 10:48 AM, Jason Hsu <jhsu802701@jasonhsu.com> wrote:

Since I'm looking for a job as a Linux IT consultant, I need a portfolio of favorite server applications - firewall, DHCP server, mail server, print server, etc. *Just as I have favorite distros for the desktop (Puppy Linux, Linux Mint, antiX/Swift Linux) and favorite desktop applications (like OpenOffice and Sylpheed), I should have favorite server applications.




I can tell you about one application I don't like: the Firehol firewall program. *It's pre-installed in antiX Linux. *Every time I boot up or start this program, I get an error message about get-iana.sh. *I did a Google search and tried some of the suggestions I found but still couldn't get Firehol working properly. *I'd rather use something that doesn't require so much tweaking. *I'm looking for an alternative for Swift Linux (www.swiftlinux.org, the distro I started).




I'd like to hear what you use and why. *Some of the criteria I'm looking for are:

1. *Security: Any client I work for will need a very secure system, ESPECIALLY one that does financial work, does business over the Internet, or has intellectual property.

snort, splunk (semi commercial log monitoring), selinux, (it should go without saying, but learn everything about) ssh, /etc/shaddow and pam, closing ports / turning off services, logrotate.
*
2. *Stability and reliability: Since a downed server affects the whole company and not just one employee, I understand this is of paramount importance as well.

i've already covered this pretty verbosely in another thread earlier today.
*
3. *Popular: If an application is widely used, then there's more help available, and the more likely the Debian developers are to support it.

???
*4. *Consistent from one version to the next: Since I'm obligated to keep everything up-to-date for clients, I want an application that doesn't change that radically from one version to the next. *I know better than to expect a smooth upgrade process for even Debian Stable, much less other distros.


most things should be pretty consistent (it's why i don't use python )
*
5. *Well-supported by the Debian developers: I don't want to use a particular application, only to find when I upgrade that it's no longer supported.

all applications have a chance of going out of style - look at windows' fileman... no longer there since '95. however, bash, bind, vi, emacs, gcc, perl, and a few others may be on unix for a long long time.

*6. *Easy to use: This criteria is the reason I don't use minimal Debian on the desktop. *Of course, I may have to make some sacrifices on this criterion in favor of more of the above.


i don't know what you mean here. are you looking for strictly gui front-ends to server apps?
*
7. *Lightweight operation: I want something reasonably lightweight, but I'm willing to compromise on this criterion in favor of more of the above.
lightweight? depends on what you're doing. sqlite is lightweight until you try to process a million records. then it might bring a system to a crawl whereas mysql / postgresql should handle that million records without an issue. oh, and telnet is lightweight compared to ssh, but i won't be caught dead using telnet.

**
 
Old 02-28-2011, 07:24 PM
green
 
Default Your favorite server apps (firewall, DHCP, etc.)

Jason Hsu wrote at 2011-02-28 09:48 -0600:
> Since I'm looking for a job as a Linux IT consultant, I need a portfolio of
> favorite server applications

I had trouble finding a utility I liked for firewall. Scripts for iptables are
slow and bulky, and with other frontends I don't really know what is happening
with the actual firewall. The ferm packaged solved all this by allowing me to
write normal iptables rules in a language that is easy to use. When applying
the rules, ferm uses the iptables-restore method which is *much* faster than
the iptables command and ferm has an interactive option for reverting in case a
firewall change breaks your ssh connection.
 
Old 02-28-2011, 09:00 PM
Joe
 
Default Your favorite server apps (firewall, DHCP, etc.)

On Mon, 28 Feb 2011 09:48:49 -0600
Jason Hsu <jhsu802701@jasonhsu.com> wrote:

> Since I'm looking for a job as a Linux IT consultant, I need a
> portfolio of favorite server applications - firewall, DHCP server,
> mail server, print server, etc. Just as I have favorite distros for
> the desktop (Puppy Linux, Linux Mint, antiX/Swift Linux) and favorite
> desktop applications (like OpenOffice and Sylpheed), I should have
> favorite server applications.
>
> I can tell you about one application I don't like: the Firehol
> firewall program. It's pre-installed in antiX Linux. Every time I
> boot up or start this program, I get an error message about
> get-iana.sh. I did a Google search and tried some of the suggestions
> I found but still couldn't get Firehol working properly. I'd rather
> use something that doesn't require so much tweaking. I'm looking for
> an alternative for Swift Linux (www.swiftlinux.org, the distro I
> started).
>

In view of the first sentence above, throw away your firewall apps and
learn to use iptables directly. It is of such importance as a network
troubleshooting tool that you need to be fluent in reading an existing
script and adding logging lines in appropriate places. Remember, if
someone else is writing your firewall script, you don't know what it is
doing. You only get away with 'not so much tweaking' if you're a user,
not if you're an admin.

I'd recommend mc as a file manager and text editor. A server won't
usually have a GUI, that's a Windows thing, and I find mc more
generally useful than ls and cd (while using them when appropriate).
And I'm willing to court unpopularity by admitting I absolutely loathe
vi and its children. Hey, Windows 7 still has Edlin...
http://en.wikipedia.org/wiki/Edlin

There are lightweight DNS servers and caches, but if you expect to deal
with networks generally, get to know BIND. Learn to link it to dhcp3
(no, it's not done by default) as an exercise in remote updating and
associated permissions.

Learn at least one mail server well. I've used Postfix in the past, but
I've used the Debian default of exim4 for some years now. As an
exercise, find out how to drop SMTP connections from specified country
codes in the HELO and/or sender address.

Learn how to set up an OpenLDAP address book, and either MySQL or
postgresql with PHP and Apache, then link the address book to web
pages. Many email clients can use LDAP address books, but few can
update them. I'll shock everyone by admitting I like phpmyadmin for
dealing with MySQL. I can't remember the last time I drove MySQL from
the command line.

Learn Samba, from creating an anonymous-access file share up to
integration with Windows domain controllers and clients. It's Samba
that deals with printer sharing in a mixed network, while CUPS is the
actual server.

You are ambitious, perhaps? Try compiling FreeRADIUS with SSL support
(Debian doesn't do that, due to OpenSSL licensing) and using it to
secure a wireless network. Then you'll know why some people use Windows
servers. Another reason is the Outlook-Exchange system, with an LDAP
Global Address List that you don't have to build from scratch.

As to size, my system is under 2GB, with bzipped backups not quite
fitting on a CD. It's currently running on a five year old (new
hard drive) HP workstation, with half a gig of RAM. That's lightweight
enough for me. The current Windows Small Business Server wants a 60GB
system partition and a minimum 8GB of RAM. Of course, it does much more
than my Debian box, but not any more of what I actually want done.

--
Joe


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20110228220026.64f93867@jresid.jretrading.com">htt p://lists.debian.org/20110228220026.64f93867@jresid.jretrading.com
 
Old 02-28-2011, 10:33 PM
Jason Hsu
 
Default Your favorite server apps (firewall, DHCP, etc.)

Joe, thanks so much for the advice. I remember vi from undergraduate school in the 1990s, and I HATED it and never learned to use it, as emacs was so much easier to work with. On my minimal command-line only Debian installations, I prefer nano. Wow, I thought I was the only one who hates vi and absolutely refuses to use it.

On Mon, 28 Feb 2011 22:00:26 +0000
Joe <joe@jretrading.com> wrote:


> And I'm willing to court unpopularity by admitting I absolutely loathe
> vi and its children. Hey, Windows 7 still has Edlin...


--
Jason Hsu <jhsu802701@jasonhsu.com>


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20110228173340.9b8a4707.jhsu802701@jasonhsu.com">h ttp://lists.debian.org/20110228173340.9b8a4707.jhsu802701@jasonhsu.com
 
Old 03-01-2011, 12:18 AM
 
Default Your favorite server apps (firewall, DHCP, etc.)

>
>
>
>---- Original Message ----
>From: jhsu802701@jasonhsu.com
>To: debian-user@lists.debian.org
>Subject: Re: Your favorite server apps (firewall, DHCP, etc.)
>Date: Mon, 28 Feb 2011 17:33:40 -0600
>
>>Joe, thanks so much for the advice. I remember vi from
>undergraduate school in the 1990s, and I HATED it and never learned
>to use it, as emacs was so much easier to work with. On my minimal
>command-line only Debian installations, I prefer nano. Wow, I
>thought I was the only one who hates vi and absolutely refuses to use
>it.
>>
>>On Mon, 28 Feb 2011 22:00:26 +0000
>>Joe <joe@jretrading.com> wrote:
>>
>>
>>> And I'm willing to court unpopularity by admitting I absolutely
>loathe
>>> vi and its children. Hey, Windows 7 still has Edlin...
>>
>>
>>--
>>Jason Hsu <jhsu802701@jasonhsu.com>
>>
>>
>>--
>>To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
>>with a subject of "unsubscribe". Trouble? Contact
>listmaster@lists.debian.org
>>Archive: http://lists.debian.org/20110228173340.9b8a4707.jhsu802701@
>jasonhsu.com
>>
Somewhere in the midwest Bill Joy is seething!
Larry
>>



--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 380-2201132111848517@netptc.net">http://lists.debian.org/380-2201132111848517@netptc.net
 
Old 03-05-2011, 05:51 PM
Rob Owens
 
Default Your favorite server apps (firewall, DHCP, etc.)

On Mon, Feb 28, 2011 at 09:48:49AM -0600, Jason Hsu wrote:
> Since I'm looking for a job as a Linux IT consultant, I need a portfolio of favorite server applications - firewall, DHCP server, mail server, print server, etc. Just as I have favorite distros for the desktop (Puppy Linux, Linux Mint, antiX/Swift Linux) and favorite desktop applications (like OpenOffice and Sylpheed), I should have favorite server applications.
>
Firewall: I've used Shorewall in the past and found it pretty good.
Now I use fwbuilder. With fwbuilder, I have a better understanding of
iptables rules and syntax. If I did firewalls regularly enough, I'd
probably just use iptables directly, with no "helper" program.

Learn isc-dhcp-server (used to be dhcp3-server on Debian). Also learn
Bind.

Learn how to work with/around Microsoft technologies. For instance, MS
Exchange. A couple hints for compatibility w/ Linux clients: turn on
IMAP support in Exchange. Establish an alternative calendar program --
maybe webcalendar. Another for instance: learn to set up samba for
file and printer sharing with MS clients.

Learn some money savers that you can use to impress potential clients.
Two that come to mind are BackupPC and LTSP.

One thing I never did that I maybe should have: learn Excel and Access
well enough that you can convert existing macros, complicated
spreadsheets, and databases to free alternatives. For databases, I'd
suggest something web based like PHP/MySQL (not sure if MySQL is still
the recommended database these days, due to the Oracle buyout).

For small business that want to administer systems themselves with
minimal intervention from you, there are some decent "small business
server" distros. SME Server comes to mind. There are others.

The top 2 distros to learn for consulting, in my opinion, would be
Debian and CentOS/RHEL.

-Rob


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20110305185118.GA16519@aurora.owens.net">http://lists.debian.org/20110305185118.GA16519@aurora.owens.net
 

Thread Tools




All times are GMT. The time now is 12:59 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org