I apologize for my use of the "j" word; I've been using it for years and I errantly assumed that people would read it today the same way they did in August. My mistake. Okay, moving on...
Holy crow! 42 responses?!?
Here goes... When I ordered my last set of Red Hat 7.2 CDs from www.cheapbytes.com, I tossed in a set of FreeBSD 4.4(?) CDs, so I guess you have my answer. FreeBSD appears to be the most popular "distro" of *BSD, so I thought I'd give it a shot. I've played with the installer once or twice, and have gotten it to boot with X and KDE, but that's about as far as I went.
However, my motives for trying out FreeBSD aren't really security-related. Someday I might switch to Mac OS X/Darwin if I can be reasonably assured that I can run qmail+nmh+exmh. The security stuff is really a hobby for me and the more I can learn about it, the better.
Note that I've stuck with RH Linux for over three years for one reason. Because Oracle qual-ed their RDBMS on it (three years ago, in the dark ages of Oracle 8.0.5). I've gotten rather used to the convenience of RPMs (even if I think rpm is a relatively stupid installer compared to SGI's inst); however, I pretty much always compile my security software from scratch.
I enjoy the convenience and widespread acceptance of RH Linux, but I don't have a good time locking stuff down every time I do a fresh install. There's always a cracker out there whose smarter and craftier than you, but I'm willing to live with those risks right now.
If I had to give Linux distros a second go around, I'd consider Gentoo Linux (www.gentoo.org), although those guys have been in pre-release state for years now and their installation documentation sucked large rocks (well, at least until recently). I actually haven't evaluated how secure the distro is, but even a year ago (when I last tried it) they seem to have some ideas I liked: BSD-style ports system, qmail, root partition on a ReiserFS filesystem, etc.
SGI IRIX wasn't considered a particularly "secure" UNIX when I was using it. The SGI boxes were sure fun to use though. Maybe since those p0Rn sites (www.danni.com) have been using it for a while, IRIX has gotten better. If I had to run a production-grade web site, I'm pretty sure I'd pick Solaris again. I don't know much about Solaris, but there are plenty of good Solaris sysadmins out there.
But this is pretty much moot nowadays, since I've resigned to live on a cheapass Windows-only dial-up modem connection. Hope that answers the question.
