OK. Since you are not familiar with sarcasm, I'm closing the register.
Quoth the Costas: "Hackers seem to actually target IIS boxes
likely for their hatred of Micro$oft. I think there's more to this than
meets the eye..."
Quoth the Benjamin: "Sure, I'm not saying that either Apache or other web
server don't have
holes, but running IIS is like walking around with a 'kick me' sign stuck to
your back knowing full well it's there."
I'm not disagreeing with anything you guys have said. Certainly every web
server has bugs exploits, blah, blah, blah. I'm simply offering an opinion
as to why IIS seems to have a big ass target painted on it. Perhaps
Just call me Flamebait.
-----Original Message-----
From: Rey Bango [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, September 25, 2001 4:33 PM
To: CF-Talk
Subject: Re: Check out what Gartner is recommending. Drop IIS!
Chris,
We're not talking about why MS is a target. The discussion is about whether
Gartner's recommendation to move to another platform makes sense. I don't
want to harp on you but I don't want this to turn into another "Linux is
better than MS is better than FreeBSD is better than..." thread.
Rey...
----- Original Message -----
From: "Chris Martinez" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Tuesday, September 25, 2001 4:53 PM
Subject: RE: Check out what Gartner is recommending. Drop IIS!
> Benjamin that is one of the best analogies I've heard. But back to what
> Costas was saying. Why has Microsoft become such a target?
> Sure they release overpriced, bloated, buggy products. Sure their
business
> practices are shady. And perhaps maybe, just maybe they stole a couple of
> ideas from other companies. But why all the hate? Look at all the good
they
> have done.
>
> -----Original Message-----
> From: Benjamin Falloon [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, September 25, 2001 3:32 PM
> To: CF-Talk
> Subject: Re: Check out what Gartner is recommending. Drop IIS!
>
>
> Sure, I'm not saying that either Apache or other web server don't have
> holes, but running IIS is like walking around with a 'kick me' sign stuck
to
> your back knowing full well it's there.
>
> People don't usually write viruses/worms for apache and other web
servers...
> they usually just hack them which is always possible, but with IIS people
> are writting automated viruses/worms. I'd rather be hacked by a hacker
with
> a sense of humour than have my how web serving directory nuked by an
> automated program.
>
> My point is that you would have less exposure to risk running alternatives
> because they aren't a massive target like IIS is.
>
> Benjamin
>
>
> ----- Original Message -----
> From: "Costas Piliotis" <[EMAIL PROTECTED]>
> To: "CF-Talk" <[EMAIL PROTECTED]>
> Sent: Wednesday, September 26, 2001 6:19 AM
> Subject: RE: Check out what Gartner is recommending. Drop IIS!
>
>
> > You know it's funny though. A quick search at www.securiteam.com shows
> that
> > Apache and iPlanet have many vulnerabilities as well. Think perhaps
that
> > the research is simply political? Hackers seem to actually target IIS
> boxes
> > likely for their hatred of Micro$oft. I think there's more to this than
> > meets the eye...
> >
> > Remember, nothing's ever secure. As stated in the movie The Score: "If
> > someone built it, someone can break it".
> >
> >
> > -----Original Message-----
> > From: Benjamin Falloon [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, September 25, 2001 12:42 PM
> > To: CF-Talk
> > Subject: Re: Check out what Gartner is recommending. Drop IIS!
> >
> >
> > Maybe a little OT, but my 2c.
> >
> > I wouldn't call that stupid at all.
> > Consider all of the attacks aimed squarely at IIS in the past few
months.
> > It's only going to increase. I've had personal experience with being
> hacked.
> > I run 2 internal IIS development boxes for CF and an internal hack
> replaced
> > *ALL* index.htm, default.htm files in all folders in the web serving
> > directory. Lucky more files where cfm.
> >
> > I'm not a 'server' admin (by title) but I can thank MS for this. If they
> > released a tighter web server with less vunerabilities maybe there would
> be
> > fewer viruses/hacks that could penetrate. People shouldn't need to have
to
> > patch every week.
> >
> > Doesn't that fact indicate that just *maybe* the software itself is
pretty
> > shaky?
> >
> > Consider this quote from the article,
> >
> > "Gartner remains concerned that viruses and worms will continue to
attack
> > IIS until Microsoft has released a completely rewritten, thoroughly and
> > publicly tested, new release of IIS,"
> >
> > Rewritten. That would be a good idea. Try to imagine a pair of pants
with
> as
> > many 'security' patches as is and will continue to be required for IIS.
> I'd
> > say the pants would be more patches than pants.
> >
> > Just a thought,
> >
> > Benjamin
> >
> > PS maybe apache would be a good alternative.
> >
> >
> >
> > ----- Original Message -----
> > From: "Rey Bango" <[EMAIL PROTECTED]>
> > To: "CF-Talk" <[EMAIL PROTECTED]>
> > Sent: Wednesday, September 26, 2001 3:03 AM
> > Subject: OT: Check out what Gartner is recommending. Drop IIS!
> >
> >
> > > Now, I've always found Gartner to sway in a particular direction based
> > > in the wind changes and the phases of the moon but this recommendation
> > > is
> > just
> > > plain stupid. Check it out:
> > >
> > > http://news.cnet.com/news/0-1003-200-7294516.html
> > >
> > > Rey Bango
> > >
> > >
> > >
> >
> >
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
