Security Basics mailing list archives
Re: Rif: Comparison of Web Servers
From: jdog1016 <jdog1016 () hotpop com>
Date: Thu, 24 Apr 2003 23:08:49 -0500
Yes, IIS is certainly harder to keep up with, because there are a lot more serious flaws found in it than Apache, and IIS is probably potentially insecure, because there is a pretty good chance that there is still serious holes in it.
Remo.Cornali () rcs it wrote:
comparing web servers from a security perspective?A well-patched Apache is as secure as you can get. A well-patched IIS is also as secure as you can get. Miss just one patch, and your webserver, whatever it is, is unsecure. There is no such thing as a slightly unsecure webserver, anymore than there is a being like a slightly pregnant woman. You may, however, want to consider a webserver's MTBSP (Mean Time Between Security Patches). ;-)) Keeping up with IIS is a lot more work. Ciao! Remo Cornali
---------------------------------------------------------------------------Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the world's premier event for IT and network security experts. The two-day Training features 6 hand-on courses on May 12-13 taught by professionals. The two-day Briefings on May 14-15 features 24 top speakers with no vendor sales pitches. Deadline for the best rates is April 25. Register today to ensure your place. http://www.securityfocus.com/BlackHat-security-basics ----------------------------------------------------------------------------
Current thread:
- Rif: Comparison of Web Servers Remo . Cornali (Apr 24)
- Re: Rif: Comparison of Web Servers jdog1016 (Apr 25)