On mySimon: Skip Fabric Softener with Dryer Balls
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 32 of 48:
Next »
« Previous
...
"Are you laboring under the misapprehension
that everybody started using IIS6 and Apache 2.0 as soon as they were released?"

I'm simply comparing the lastest version. What is the problem with that? Would it be fair for me to compare IIS6 with some old build of Apache with several unpatched vulnerabilities? No, I don't think so. Even IIS5 which had a dismal security record in it's early stages has seen a drastic decrease in newly discovered vulnerabilities in the past few years. I know linux fanboys love to make fun of it, but it does seem that the commitement to security Microsoft publicly made a few years ago has actually made a difference.

"All I need to do is look at my logs to see that there are still thousands of infected IIS servers out there trying to spread Code Red. Sasser and a whole host of other worms are still running rampant."

And all I need to do is look at my (sshd) logs to that there are thousands of owned linux/apache (when I bring up the IP address in a browser I allways get the "Welcome to Apache!" page) boxes out there....but I'm not going to claim that linux/apache are insecure because some dolts out there don't bother to patch their boxes, or put an secure password on their machines. By citing your logs, are you saying that IIS is less secure than Apache because a bunch of Windows machines are out there are not patched against 5 year old exploits?

"Maybe you've patched your server against
these vulnerabilities, but clearly not everyone has."

Of course I have. But again, how does the fact that many dummy windows admins out there don't patch their machines make Windows insecure? If everyone was still installing and running old distros of Red Hat 6 and not patching them, would that mean linux is insecure?
Posted by: toadlife   Posted on: 10/22/05 You are currently: a Guest | Members login | Terms of Use
Reply to Story No further replies to this post will be accepted.

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

But nobody expects the Dutch Inquisition  Boot_Agnostic | 10/21/05
All posible because of Microsoft. For criminals, it is much easier  DonnieBoy | 10/21/05
All possible because of...  toadlife | 10/21/05
Yes, Window is a VERY GOOD medium. Works 100x better  DonnieBoy | 10/22/05
That is just ignorant  Jeff the god of biscuits | 10/21/05
You are correct, and vulnerabilities not even a requirement  toadlife | 10/22/05
It is all of the automatic code execution vulnerabilities that are the  DonnieBoy | 10/22/05
They are a problem  toadlife | 10/22/05
Let's see, Apache 70%, IIS 20%, acording to you, we should have many more  DonnieBoy | 10/22/05
Got any statistics to prove that?  toadlife | 10/22/05
Didn't think so?  Immanuel Tranz-Mischen | 10/22/05
If you have a source for statistics...  toadlife | 10/22/05
You know as well as I do  Immanuel Tranz-Mischen | 10/23/05
Actually they are reported  toadlife | 10/23/05
...nice try...  rafe01 | 10/24/05
Depends on who's numbers you use.  ShadeTree | 10/24/05
re: nice try  toadlife | 10/24/05
Really, the biggest problem with IIS, it only runs on one insecure, bug  DonnieBoy | 10/23/05
So what prompted you to become a zealot Donnie?  toadlife | 10/23/05
Your position and strong words compell  Boot_Agnostic | 10/21/05
Hah!  Loverock Davidson | 10/21/05
Not another car analogy  beerman_z | 10/21/05
Yet a car as part of a list of things  Boot_Agnostic | 10/22/05
Oh, enjoy Madden this year  Boot_Agnostic | 10/22/05
It Can  blieffring@... | 10/22/05
You're kidding, right?  anythingbutmine0 | 10/21/05
Never heard of Apache? It has 70% marked vs 20% for IIS, but IIS has had  DonnieBoy | 10/22/05
It's not the 2000 any more  toadlife | 10/22/05
Apparently he knows.  Immanuel Tranz-Mischen | 10/22/05
Put up or shut please...  toadlife | 10/22/05
Are you laboring under the misapprehension  Immanuel Tranz-Mischen | 10/22/05
...  toadlife | 10/22/05
No, you're ignorant.  Immanuel Tranz-Mischen | 10/22/05
What a bunch of STUUUUPID responses. It is ok to be stupid, others would be  DonnieBoy | 10/22/05
I seriously think you are not very computer educated  DanielBlessing | 10/27/05
how long would it take 1.5 million computers to...  zijiang | 10/21/05
Oh, somebody's Beowulf  Boot_Agnostic | 10/21/05
Won't work for 128 bit encryption  george_ou | 10/21/05
Now that's funny  beerman_z | 10/21/05
Hmm, I wonder...  Zogg | 10/23/05
Say, you have 1.5 mil slave computers?  DanielBlessing | 10/27/05
Conflicting Objectives  blieffring@... | 10/22/05
Mac/Windows same thing?!  Andromedat6 | 10/22/05
And tell those users to  Boot_Agnostic | 10/22/05
Make it all illegal  xkmail | 10/23/05
Get a grip please  NemesisNL | 10/23/05
Gee I didn't know that MS windows have the 'remote cluster' capability....  michael_t | 10/24/05
Not really, think you have 1.5 mil slave computers  DanielBlessing | 10/27/05

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Meet Doc