I'd try darwin - that is just the 1st step towards Mac OS X ;)

(first post?)

I say OpenBSD because I live in the same city as Theo [theos.com] and I work right near him! He was one of the people that started NetBSD too!

OpenBSD is also one of the most secure OS's in the world with a unmodified install!

Hands down the easiest to pick up, and arguably the most common.

Install software from source?

cvsup -g -L2 stable-supfile
cd /usr/ports/misc/screen
make
make install
make clean

Install the binary version?

pkg_add -r screen

next?

A quick rule of thumb is generally ...

OpenBSD for security, NetBSD for portability and FreeBSD for diffusion in the wider world (ie, comparable to Linux).

I have no need for portability, and FreeBSD didn't appeal to me, so OpenBSD it was -- five years ago. I don't think you'll go wrong with any of them, though. If I did it again to experiment I'd probably try FreeBSD out this time.

BSDs do generally have more thorough online and internal documentation than Linux for the core basics, so you won't miss with any of them.

Go with OpenBSD - one remotely exploitable hole in how many years? 5?

Besides that it's so much of a bastard to install that it's a fun challenge. (Not many people can say they have installed OpenBSD!)

I started on OpenBSD 2.6 and I liked it. Just text mode as a firewall. The initial install was a little bumpy but then the man pages were excellent.

I've since used FreeBSD a fair amount. I'm becoming comfortable there, but I still feel more at home with OpenBSD.

FreeBSD 5 is not the best place to start. Some important things have changed and there isn't much support for these changes on the web yet. You'll find lots of older "howto" articles that won't work as written. I managed to bootstrap my FreeBSD server using PXEboot, but I had to liberally adapt the approaches I found because of the many changes in 5.x

There's a lot of negativity floating around about FreeBSD 5.x lately. It seems they've put a lot of energy in breaking hard ground over the past two years. It remains to be seen whether lush vegetation will spout in future versions as they tune these improvements. I think in any project with sufficient ambition, there are times when things have to go sideways for a period of time.

Recall how Tiger Woods decided to tune his golf swing when he was on top of the world. I sure hope it works out better for FreeBSD.

OpenBSD. If you're a networking guy Packet Filter (PF) is a cool toy to play with. But if you're looking for a more BSD-style Linux you might want to consider Slackware.

Which one? I would recommend you try all of them, but in the following order:

1. FreeBSD 4.11 - because it will ease you gently into the world of BSD with its easy setup, wonderful documentation and a myriad of great ports that build right out of the box.
2. NetBSD - because it will introduce you to the world of quality device drivers for a very wide selection of hardware.
3. DragonFlyBSD - because it will show you the speed and the potential of change on BSD platforms. It's still in the early stages of development, so do not expect to be able to build additional software out of the box.
4. OpenBSD - because it will expand your view of what security is regardless of what your current experience might be. With the experience gained using other BSD systems you should have no trouble installing OpenBSD, but don't install OpenBSD before other systems because you will most likely regret it, it's the least user-friendly BSD system to set up.

After you're finished you may want to try FreeBSD 5.3, especially if you are interested in comparing its GBDE (Geom Based Disk Encryption) to NetBSD's CGD (CryptoGraphic Disk) facility.

Welcome to the world of BSD, I hope your ride will be a smooth one. Let us know if we can help. :)

but with my new mac mini, i can relive [sic] my bsd glory days with additional drop shadows and window animations! i don't know if that really counts as a bsd, though...

Are you saying that if the interface is too pretty or intuitive it doesn't count as being a real *BSD experience? If/when linux grows an interface as functional, beautiful, and elegant as Mac OS X, will it no longer qualify as being a "real linux experience?" If a rose by any other name is still a rose, then a *BSD variant with any other GUI -- like say, the Macintosh variety -- should still be *BSD... especially since most *BSD users seem rather indifferent to graphical user interfaces from what I gather.

I was fed up with solaris on my sun ultra 2, so i decided to try out openbsd. i have to say, it was the FASTEST and EASIEST OS install i have ever done, period.

And if you believe what you just said makes any difference, you are being just as naive.

OpenBSD, as in the kernel itself, is fairly well auditted (I'm not sure about the coverage, but they do examine things closely from what I remember).

However, Apache isn't auditted. DHCP isn't auditted. The FTP server, I'm fairly sure isn't auditted. Nothing they don't actually write themselves. If you install an OpenBSD machine on the internet and actually turn on services, you'll have just as many security problems as anyone running Linux. OpenSSH has it's fair share of security problems (written by pretty much the same people who wrote OpenBSD). Although with priveledge separation it should have even fewer problems that are actually exploitable to become root.

While Apache does have some security patches applied to it that the stock Apache doesn't, that doesn't make it "Auditted". That means a handful of exploits have been found. I believe the Apache people just don't agree that there is a problem (I'm not clever enough to see who has the more reasonable point of view).

As soon as you start actually using OpenBSD to do anything that allows remote services, you are pretty much into the areas where you could have security problems just like anyone else.

OpenBSD does have some nifty patches to help mitigate certain types of attacks (The memory protection schemes that implement NoExecute on the stack, and some other ways you can mark a page in the VM system as no-execute or no-write).

However, that doesn't mean "OpenBSD is auditted and therefore secure". I'm absolutely confident that if I had shipped Linux for the last 8 years with as little configured to run out of the box as OpenBSD does, Linux could claim no remote root exploits too (the same is probably true of FreeBSD, NetBSD, OS X, Windows, and any other number of Operating systems). (Okay, the Windows claim might be a streach, because I believe there are certain ports that a very difficult to close, but the rest I'm fairly sure are true). The lack of any open ports at all makes it fairly trivial to not have any remote attacks. All you have to do is ensure that your network stacks don't do something stupid with a packet they are routing. Not terribly difficult. The fact that it ships with no services configured is very good. While it probably has a more secure kernel, most exploits out there in the world involve exploiting a user process that is running as root. As which point, you can own an OpenBSD machine as quickly and as easily as a FreeBSD, Linux, or NetBSD machine.

Kirby

There was a thread on netbsd-advocacy a few weeks ago about NetBSD having image problems, and it pointed to this "rule of thumb" as a major example of the misperception of the BSDs. Many people do exactly what you did - "I have no need for portability, and FreeBSD didn't appeal to me, so OpenBSD it was" - or some variation - without actually evaluating reality.

(I'm not as familiar with FreeBSD as I am the others, and I'm happy with NetBSD right now)

Portability: OpenBSD lists 15 different platforms. [0] FreeBSD lists 9. [1] NetBSD boasts some rediculous number, whether you are counting processor types or variations. (For comparison, Debian supports 11 [2]) All of the BSDs are portable.

Security: OpenBSD has a deserved reputation for focus on security. However, don't think they're the be-all-end-all - I would consider several of the 'reliability fixes' in the 3.5 errata [3] to be security issues, particularly #16 and #27. Weaknesses is the encrypted volume support have been discussed on the misc@ list, and it has been suggested that the cgd found in FreeBSD and NetBSD is much stronger; there are no current plans to port that to OpenBSD. NetBSD 2.0 has a new feature, Verified Exec [4] that looks like a very strong tool to counter rootkits; I don't have any experience with it.

Performance: Although more than a year old, take a look at fefe's scalability benchmarks. [5] FreeBSD and Linux 2.6 came out on top by quite a margin. I believe there was work on all fronts after the benchmarks were published, but NetBSD's catches the eye most - in two weeks they pushed scalability beyond FreeBSD. A more recent series of microbenchmarks between FreeBSD 5.3 and NetBSD 2.0 [6] compare the two and are relatively close. When reading those benchmarks, you should keep in mind that it was a uniprocessor system, and there's been a lot of talk about FreeBSD's SMPng.

One thing you didn't mention were packages and ports; OpenBSD's are more limited in number than FreeBSD or NetBSD's. OpenBSD ports follow releases; FreeBSD's don't; NetBSD's have quarterly stable branches independent of the operating system.

One other note of mention is the RIPOFF file [7] maintained by Hubert Feyrer of NetBSD. It's not really about performance, scalability, security, or ports, but it's an interesting read. I haven't verified its accuracy nor do I know if other people keep similar accounts.

[0] http://www.openbsd.org/plat.html
[1] http://www.freebsd.org/platforms/index.html
[2] http://www.debian.org/devel/debian-installer/
[3] http://www.openbsd.org/errata35.html
[4] http://www.netbsd.org/guide/en/chap-whatsnew.html# chap-whatsnew-2-0-veriexec
[5] http://bulk.fefe.de/scalability/
[6] http://www.feyrer.de/NetBSD/gmcgarry/
[7] http://www.feyrer.de/NetBSD/RIPOFF.txt

"Update your software collection:
cd /usr/ports; make update
portupgrade -ra"

I prefer:

portsnap fetch
portsnap update # use binary diffs to effeciently track small port deltas
portaudit # get a quick security audit of installed ports and base system
pkg_version -vL = # I alias this to pkg_chk; list updated port versions
portupgrade [whatever needs doing]

It's not that minimal, considering obsd includes Apache, Perl, SSH, CVS, and other goodies in the base system. Pretty much everything expected in a typical Unix system is present, with sane defaults.
The installer is not what most Linux users are accustomed to. Personally, I prefer it to all the others I've seen (slackware, debian, redhat, and freebsd). I like the "no bullshit" approach, and the inherent flexibility it offers (the siteXX.tgz file, the serial support, the ability to select "whole disk" at the fdisk prompt or input your own geometry, etc.)
It can also make a good desktop system (I use it as such, and so do many others), since most of the window managers, kde/gnome stuff, and common X apps (xpdf, firefox, mplayer, xv, xmms, etc.) run fine on it. Unless of course one needs Linux-specific stuff that's only available in binary format, but even there there's a possibility they may run in emulated mode, though some stuff may not (eg, VMware).
And yes, it's ideal for a firewall, and makes for a nice, reasonably secure server too. :)

OpenBSD, as in the kernel itself

Unlike Linux, none of the BSD's, including OpenBSD, can be summed up to "just a kernel". The BSD's are developed as complete systems. Kernel, userland utilities, default configuration files, file structure and installation scripts.

Linux is developed as a kernel and then distribution companies or groups wrap the rest of the system around that kernel as THEY see fit. Which may well go against some of the intentions of the Linux developers and often goes against the intentions of each other!

This does not tend to happen with the BSD's, since, as they are developed as complete systems, they have a complete vision of a complete system and as such, develop from the outset with the whole system in mind. There are few bandaids with any of the BSD's.

If you install an OpenBSD machine on the internet and actually turn on services, you'll have just as many security problems as anyone running Linux.

Not true. Problems that will cause a remote root on a typical Linux system, will typically cause a DoS on an OpenBSD system, due to all the proactive mechanisms in place which detect and kill exploited processes.

OpenBSD does have some nifty patches

Nifty patches? Many active mechanisms, like those you mention, have been in the releases for a while.

However, that doesn't mean "OpenBSD is auditted and therefore secure".

Nothing is "secure". There are only various levels of "secure" which don't make it all the way up to absolutely "secure", as long as we are talking about networked operating systems.

While it probably has a more secure kernel, most exploits out there in the world involve exploiting a user process that is running as root. As which point, you can own an OpenBSD machine as quickly and as easily as a FreeBSD, Linux, or NetBSD machine.

I am really surprised that you say this, after showing knowledge of privsep. Much fewer processes run as root under OpenBSD and when they do, they only do it in areas where they actually need root to complete the small task at hand. OpenBSD most certainly is more secure than any other system, while running any given process. But it is not absolutely secure.