Date: Fri, 29 Mar 2013 17:03:38 +0100 From: Polytropon <freebsd@edvax.de> To: David Thurber <davida@thurber.org> Cc: questions@freebsd.org Subject: Re: EOL Message-ID: <20130329170338.f6e45c5c.freebsd@edvax.de> In-Reply-To: <5155B0E6.9030303@thurber.org> References: <5155B0E6.9030303@thurber.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 29 Mar 2013 09:19:02 -0600, David Thurber wrote: > I have 5 XP machines on my node that are used to crunch data 24/7. So, > I'm looking for an OS platform that has a 10 year EOL to replace XP/3. It's good you're paying attention to the upcoming death of "Windows XP" and the expected birth of lots of new malware, exploiting unfixed vulnerabilities. :-) > What I got from your website appears to be a year or two at most on > freebsd 8.3, and we really don't want to repeat the travails of the > transition from 98SE to XP/3 after this one because the research team > will be mostly mid 80's early 90"s by then. You should use the most recent FreeBSD version for your first installation unless there's a _valid_ reason to use an older release which you cannot avoid. As with many software projects, FreeBSD is continuously developed. Security patches are backported from the current development branches to older (legacy) ones for some time, as long as this is possible. This of couse does not stop you to keep a FreeBSD installation running. For example, I still have a FreeBSD 4.1 file server which I see no need to replace, primarily because it runs "in-house only" and has no connection to the Internet. This is probably your biggest concern. However, FreeBSD is much more secure than "Windows XP" due to design and defaults. But keep in mind you're not just using the OS, you're also using additional software which also has to be kept current to operate securely. FreeBSD allows you to update software (from the ports collection) even on older installations. Of course this is not "possible unlimited" - but as long as the required OS infrastructures are present, it can be done. > It's a lot of data fetched > over the web so we need security updates to keep the OS secure with > minimal interaction. FreeBSD and its applications can be updated from source. There are lots of tools (such as port management tools like portmaster) to help you with this task. But there are also tools for binary updates. They even cover transition to a new major release. You can use freebsd-update to get the security patches for the OS, this is very easy and does not involve much interaction. FreeBSD will provide a very solid foundation for running secure installations over a long time. Of course you will need to perform updates, but this is very easy to do, as I said. You may check "The FreeBSD Handbook" for more information. -- Polytropon Magdeburg, Germany Happy FreeBSD user since 4.0 Andra moi ennepe, Mousa, ...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130329170338.f6e45c5c.freebsd>