----- Original Message -----
From: "Jay D. Dyson" <[EMAIL PROTECTED]>
To: "Security-Basics List" <[EMAIL PROTECTED]>
Cc: "Nero, Nick" <[EMAIL PROTECTED]>
Sent: Wednesday, July 02, 2003 10:19 AM
Subject: RE: Ten least secure programs
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Wed, 2 Jul 2003, Nero, Nick wrote:
>
> > Hmmm, some interesting omissions in your Microsoft-laden list are:
>
> Whoaaaa. Back up there, pilgrim. My contributions were FTPd,
> POPd, IMAPd, Kazaa and Instant Messaging. Those are either typically
> UNIX-based or multi-platform. I did not single out Microsoft.
>
> As for the original list itself, the only references to Microsoft
> were Outlook and IIS. That's two out of ten. Hardly "Microsoft-laden."
>
> > Apache (holes are found monthly)
>
> In Apache v2.x mostly. And none of them have spawned bandwidth-
> sucking worms even remotely on par with Code Red or Nimda.
Well said. I don't like when people get all defensive thinking people are
just bashing MS, when it's not the case. MS, like BIND and Sendmail (NOT MS
products) were listed as well. If it should be in the top 10, people are
listing them. As for Apache 1.x, true, it's hardly an exploit each month
and is mostly in Apache 2.x too.
--
Regards,
Tim Greer [EMAIL PROTECTED]
Server administration, security, programming, consulting.
---------------------------------------------------------------------------
Evaluating SSL VPNs' Consider NEOTERIS, chosen as leader by top analysts!
The Gartner Group just put Neoteris in the top of its Magic Quadrant,
while InStat has confirmed Neoteris as the leader in marketshare.
Find out why, and see how you can get plug-n-play secure remote access in
about an hour, with no client, server changes, or ongoing maintenance.
Visit us at: http://www.neoteris.com/promos/sf-6-9.htm
----------------------------------------------------------------------------
