Bah, the source code doesn't directly tell you its secure. To my knowledge there hasn't been any attacks against IIS, every attack was against some specific technology that was usually found to have been left open by the user.
If you have IIS doing a strait web request for HTTP with HTML that does not pass through a script engine or ISAPI filter then I bet you hit the same level of security as you would with apache. I've never had good luck with open source, I don't do much software development anymore, mostly hardware and third party app. I hate it when people start talking open source for enterprise applications that require 24x7x365 because when something does go wrong, I got nobody to call. > -----Original Message----- > From: Denstizzo [mailto:[EMAIL PROTECTED] > > > Bet *nix is still "better". > > Anyways, the real issue is, how can I tell if IIS is secure? > Audit the source code? Oh, yeah. > > Or: How about: want to make it better? Pay someone else- > but not just anyone who could do it, pay these guys. > > Open Source ROCKS > just like socialism > =]3|\| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Upgrade to Adobe ColdFusion MX7 Experience Flex 2 & MX7 integration & create powerful cross-platform RIAs http:http://ad.doubleclick.net/clk;56760587;14748456;a?http://www.adobe.com/products/coldfusion/flex2/?sdid=LVNU Archive: http://www.houseoffusion.com/groups/CF-Community/message.cfm/messageid:227136 Subscription: http://www.houseoffusion.com/groups/CF-Community/subscribe.cfm Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.5
