Security Basics mailing list archives
RE: CGI security vs ASP security
From: "Kline, Nathan C - CIEP-3" <nckline () bpa gov>
Date: Tue, 15 Apr 2003 11:26:00 -0700
I think it comes down to where you developer skills are at. The code is going to be much more secure if the coder is more experienced in a particular language and knows the tricks to provide the enhanced security. ASP is a framework with associated objects for use, much like .NET. It provides some built in objects that help to secure applications. .Net increases those available security related objects. I am unclear as the previous poster with what you mean by CGI, but it may or may not provide the same functionality. The bottom line though is both are dated technologies. Java or .NET, being cutting edge complied languages will give you much better performance, scalability, and security then CGI or ASP. --Nathan -----Original Message----- From: Corey Schaffer [mailto:cschaffer () accessdenied ca] Sent: Monday, April 14, 2003 12:23 PM To: Jens Porup; security-basics () securityfocus com Subject: Re: CGI security vs ASP security ASP isn't a language...it is a technology....JScript or VBScript is the language that runs within an ASP page. On Mon, 14 Apr 2003 13:55:16 +1000, Jens Porup <jens () cyber com au> wrote:
On Thu, Apr 10, 2003 at 12:52:19PM -0400, Teodorski, Chris wrote:I am looking for some opinions on whether ASP is inherently more secure than CGI? Or is it just easier to implement ASP securely......and securing CGI takes work and knowledge.......CGI is a protocol, ASP is a language... ASP is a crap Microsoft product I wouldn't use to add one and one.... if by CGI you mean Perl, then yes, Perl is a *good thing* ------------------------------------------------------------------- Is SPAM over-loading your e-mail server, disk space or bandwidth? SurfControl E-Mail Filter is flexible, intelligent and policy-driven protection. http://www.securityfocus.com/SurfControl-security-basics2 Download your free fully functional trial, complete with 30-days of free technical support. Stop SPAM before it stops you. -------------------------------------------------------------------
-- Are you at risk? www.accessdenied.ca ------------------------------------------------------------------- Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the world's premier event for IT and network security experts. The two-day Training features 6 hand-on courses on May 12-13 taught by professionals. The two-day Briefings on May 14-15 features 24 top speakers with no vendor sales pitches. Deadline for the best rates is April 25. Register today to ensure your place. www.blackhat.com ------------------------------------------------------------------- --------------------------------------------------------------------------- Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the world's premier event for IT and network security experts. The two-day Training features 6 hand-on courses on May 12-13 taught by professionals. The two-day Briefings on May 14-15 features 24 top speakers with no vendor sales pitches. Deadline for the best rates is April 25. Register today to ensure your place. http://www.securityfocus.com/BlackHat-security-basics ----------------------------------------------------------------------------
Current thread:
- CGI security vs ASP security Teodorski, Chris (Apr 11)
- Re: CGI security vs ASP security Jens Porup (Apr 14)
- Re: CGI security vs ASP security Corey Schaffer (Apr 15)
- RE: CGI security vs ASP security David Gillett (Apr 15)
- RE: CGI security vs ASP security Sarbjit Singh Gill (Apr 17)
- Re: CGI security vs ASP security Steven J. Sobol (Apr 22)
- <Possible follow-ups>
- Re: CGI security vs ASP security Rodriguez, Manuel (Apr 15)
- RE: CGI security vs ASP security Kline, Nathan C - CIEP-3 (Apr 15)
- Re: CGI security vs ASP security Jens Porup (Apr 16)
- RE: CGI security vs ASP security Jon Pastore (Apr 17)
- Re: CGI security vs ASP security Jens Porup (Apr 16)
- RE: CGI security vs ASP security Kline, Nathan C - CIEP-3 (Apr 17)
- Re: CGI security vs ASP security Jens Porup (Apr 14)