[prev in list] [next in list] [prev in thread] [next in thread]
List: security-basics
Subject: Re: Rif: Comparison of Web Servers
From: jdog1016 <jdog1016 () hotpop ! com>
Date: 2003-04-25 4:08:49
[Download RAW message or body]
Yes, IIS is certainly harder to keep up with, because there are a lot
more serious flaws found in it than Apache, and IIS is probably
potentially insecure, because there is a pretty good chance that there
is still serious holes in it.
Remo.Cornali@rcs.it wrote:
>
>
>
>
>
>>comparing web servers from a security perspective?
>>
>>
>
>A well-patched Apache is as secure as you can get.
>A well-patched IIS is also as secure as you can get.
>Miss just one patch, and your webserver, whatever it is, is unsecure.
>
>There is no such thing as a slightly unsecure webserver,
>anymore than there is a being like a slightly pregnant woman.
>You may, however, want to consider a webserver's MTBSP
>(Mean Time Between Security Patches). ;-))
>Keeping up with IIS is a lot more work.
>
>Ciao!
> Remo Cornali
>
>
---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the
world's premier event for IT and network security experts. The two-day
Training features 6 hand-on courses on May 12-13 taught by professionals.
The two-day Briefings on May 14-15 features 24 top speakers with no vendor
sales pitches. Deadline for the best rates is April 25. Register today to
ensure your place. http://www.securityfocus.com/BlackHat-security-basics
----------------------------------------------------------------------------
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic