Re: Graphing: Don't believe everything you see.

[Felix von Leitner <felix-dailydave () fefe de>]

Thus spake Dave Aitel (dave () immunityinc com):
> Complexity only correlates with insecurity; it doesn't let you make
> order-of-magnitude judgment calls. Especially not based on graphs like
> that.

Actually, an asynchronous webserver needs these syscalls to handle the
two requests:

  GetQueuedCompletionStatus returns
  [socket+AcceptEx+CreateIoCompletionPort to queue the next request]
  CreateFile on the file to be served
  GetFileSize et al to get header data (optional)
  TransmitFile to send the response
  CloseFile to close the file
  ReadFile to read the second request

  GetQueuedCompletionStatus returns again
  CreateFile on the file to be served
  GetFileSize et al to get header data (optional)
  TransmitFile to send the response
  CloseFile to close the file
  closesocket

That's it.  No, really.  Sprinkle in some VirtualAlloc and friends for
malloc and free, but that's it.

So if you see a graph in fine print about how a couple hundred syscalls
are being called by a web server, that's a pretty good indicator that
there's something wrong with it.

Keep things simple.

That said: this particular troll is from mid-2006 and has been on
Slashdot back then, too.  There is no reason to get worked up about it
now.

Felix

PS: Apache is a bloated pig.  People use it because so many other
people are using it, not because there are any actual rational reasons
to use it.  IIS is a pig, too.  People use it because it comes with
Windows, and because it cheats (so it's faster than a pure user space
web server can be).
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave