Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 29 Mar 2013 17:03:38 +0100
From:      Polytropon <freebsd@edvax.de>
To:        David Thurber <davida@thurber.org>
Cc:        questions@freebsd.org
Subject:   Re: EOL
Message-ID:  <20130329170338.f6e45c5c.freebsd@edvax.de>
In-Reply-To: <5155B0E6.9030303@thurber.org>
References:  <5155B0E6.9030303@thurber.org>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On Fri, 29 Mar 2013 09:19:02 -0600, David Thurber wrote:
> I have 5 XP machines on my node that are used to crunch data 24/7. So, 
> I'm looking for an OS platform that has a 10 year EOL to replace XP/3.

It's good you're paying attention to the upcoming death
of "Windows XP" and the expected birth of lots of new
malware, exploiting unfixed vulnerabilities. :-)



> What I got from your website appears to be a year or two at most on 
> freebsd 8.3, and we really don't want to repeat the travails of the 
> transition from 98SE to XP/3 after this one because the research team 
> will be mostly mid 80's early 90"s by then. 

You should use the most recent FreeBSD version for your
first installation unless there's a _valid_ reason to
use an older release which you cannot avoid.

As with many software projects, FreeBSD is continuously
developed. Security patches are backported from the current
development branches to older (legacy) ones for some time,
as long as this is possible.

This of couse does not stop you to keep a FreeBSD installation
running. For example, I still have a FreeBSD 4.1 file server
which I see no need to replace, primarily because it runs
"in-house only" and has no connection to the Internet. This
is probably your biggest concern.

However, FreeBSD is much more secure than "Windows XP" due
to design and defaults. But keep in mind you're not just
using the OS, you're also using additional software which
also has to be kept current to operate securely.

FreeBSD allows you to update software (from the ports
collection) even on older installations. Of course this
is not "possible unlimited" - but as long as the required
OS infrastructures are present, it can be done.



> It's a lot of data fetched 
> over the web so we need security updates to keep the OS secure with 
> minimal interaction.

FreeBSD and its applications can be updated from source.
There are lots of tools (such as port management tools
like portmaster) to help you with this task. But there are
also tools for binary updates. They even cover transition
to a new major release. You can use freebsd-update to get
the security patches for the OS, this is very easy and
does not involve much interaction.

FreeBSD will provide a very solid foundation for running
secure installations over a long time. Of course you will
need to perform updates, but this is very easy to do, as
I said. You may check "The FreeBSD Handbook" for more
information.



-- 
Polytropon
Magdeburg, Germany
Happy FreeBSD user since 4.0
Andra moi ennepe, Mousa, ...



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?20130329170338.f6e45c5c.freebsd>