> Apache puts out a lot of security patches. Those don't get as > much press as IIS. I might be hard to say whether Apache or > IIS gets more patches. My gut feel is that Apache makes > patches available faster than Microsoft does for IIS but, > again, no hard evidence on my part...
In my experience, most patches for IIS and Apache aren't necessary for most properly-configured servers. The big difference between the two is that IIS has more functionality enabled by default, and that's where the vulnerabilities usually are. IIS patches are usually available the day the exploit is publicized, just like Apache patches. Dave Watts, CTO, Fig Leaf Software http://www.figleaf.com/ phone: 202-797-5496 fax: 202-797-5444 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Special thanks to the CF Community Suite Silver Sponsor - New Atlanta http://www.newatlanta.com Message: http://www.houseoffusion.com/lists.cfm/link=i:4:186316 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
