From: "Kornél Pál" > Jeff White wrote:
> >HTTP.SYS is for quick static responses. > > > >They may be cached html files sent via > >the Windows kernel. Not a real new big > >business web server. But may be a server > >for the one man shop and may be for security > >of open ports, etc. :) > > I have to say you are wrong. Okay I often am but where? :) > HTTP API is really fast in cached responses > however it doesn't mean any overhead on > dynamic responses as the work it does with > the request and response should be done > by the web server if it don't use HTTP API. So I believe you are saying I am wrong with "HTTP.SYS is for quick static responses."? Perhaps this HTTP.SYS "main idea and heart" is for quick static responses. If not the above, I do not understand, please explain... > And I think HTTP API doesn't provides any > extra security. > Okay for starters, what happens when on Windows XP SP2 HTTP.SYS gets an invalid request when controlling all ports? Or a request for access on an open port but nothing defined with HTTP.SYS for that open port? Now compare the difference with a computer with an open port but no HTTP.SYS on Windows XP SP1. See any big security differences? Jeff
