I'm sort of new to this, which is why I ask. I also wanted to ask - is freeBSD the same as BSD? Or does it mean that there are free and paid-for versions you can obtain? Just as with Unix and Linux, there are (or have been) several "BSD" unixes. The history goes roughly as follows:
Once upon a time, Unix was invented at Bell Labs. At the time it wasn't seen as a saleable product, just an oddity for internal development. After a while, a few customers became interested, so Bell/AT&T began to "productize" it. At around the same time, the source code was given to the University of California, Berkeley (UCB) for educational use only.
The keen geeks at UCB soon began to mess around with the source and add their own "improvements". This led to the first major split in the Unix community. Under the terms of their academic licence, UCB released their modified source code to other universities as a series of tapes, known as the "Berkeley Standard Distribution" (BSD). However, because it was based on Bell/AT&T's copyright source code, it was not supposed to be released to commercial users.
However, a lot of people liked some of the things which were part of BSD, and so several attempts were made to bring them in to the official main line of Unix development. Non-AT&T alternatives such as SCO, Xenix, Pyramid Unix and OSF/1 implemented strange hybrids of AT&T and BSD features. Then non-Unix lookalikes such as Coherent, Minix and Linux started to become popular and had yet more slightly-imcompatible ways of doing things.
All of this greatly irritated the BSD fans, who felt they had a solid, well-thought-out product which they were prevented from using due to licencing restrictions. So several projects were started to replace all the original Bell/AT&T code with fresh BSD re-implementations, to make an entirely clean code base. NetBSD, FreeBSD, OpenBSD and so on.
These days, FreeBSD seems to be the most popular. It's highly regarded as a secure and robust system, due to the policy of multiple-checking every line of code before it is released in a distribution. The haphazard Linux development free-for-all may implement new and interesting features faster than the BSD team, but cutting-edge Linux distributions can be a
lot more "flaky".
I use "BSD" as the generic term for this branch of Unix history. As far as I am aware, they are all free.
Frank - your story of being hacked sounds frightening. I was wondering what sort of hacking you were the victim of. I had set up a machine at a public colocation facility to offer web space for hosting Java
servlets, JSPs and so on. I was just reaching the end of my beta trial (with several of the Ranch bartenders and sheriffs as trial customers) and negotiating with my first paying customers, when it all blew up in my face.
Someone had found an "exploit" in one of the many pieces of software which go to make up a typical Linux distribution, and managed to gain "root" access. The intruder installed a "rootkit" which replaced or patched key executables to cover his/her tracks and leave things wide open for easy later access. The machine was then left and merely observed for a few weeks, I guess to make sure it wasn't a "honeypot" to catch hackers. At about 6pm one evening, the intruder gained access again and ran some of the hacking tools he/she had installed to scan and attempt to break other machines. This immediately "maxed" the 10Mbit network connection from my box to the colocation facility, blew away my 4GB/month bandwidth allowance in about an hour, and started running up excess bandwidth charges at a ferocious rate.
I first knew about this when the colocation facility staff called me at 9am the following morning. I immediatly shut down the machine, but the damage had been done.
I had run up a huge charge which I could not afford, and I could no longer trust any of the software on the machine. I brought the machine up just long enough to back up any user data, then shut it down completely. It's now sitting in my mother's spare bedroom a few hundred miles away waiting for me to go and bring it back for a complete rebuild.
For home use my suggestion is that you don't ever connect a workstation or internal server (Windows, Linux, Mac, or whatever) direct to the internet. Always use a dedicated firewall, lock it down as much as you can, and keep it as up-to-date as you can. Even if you won't incur large bandwidth charges, think what would happen if someone gained "root" or "Administrator" access to your system and all your data, and installed their own software to use your system for their own evil or illegal ends.
The crazy thing is that a firewall is so cheap and easy to do. Pretty much any old 386DX, 486 or pentium box with 8MB of RAM or more can be used. There are plenty of good Linux distributions designed as firewalls, which hold your hand through the installation, and include no extra software which might be compromized. All you have to do is put two network
cards in the box, connect one to your DSL line and one to your internal network and you are laughing.