> For fun, the next time someone mentions worms and IIS, and how *Nix is
> the best alternative, say three words: "UNIX. Morris. Worm."
huh?
cos' thats what they will say to me if I said that ;-)
----- Original Message -----
From: "Billy Cravens" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Wednesday, September 26, 2001 6:43 AM
Subject: RE: Check out what Gartner is recommending. Drop IIS!
> At this point, this is probably true.
>
> The security landscape changes with time, and as professionals, we must
> change with it. We should be willing to learn other platforms if IIS
> isn't the best solution; we must also guard against the Microsoft
> bigotry that runs rampant. If this was Apache, people would say, "There
> are costs to the freedom that the open source revolution brings us!" If
> it's IIS, "Typical Microsoft sh**. That's what they get for their bold
> attempt at world domination!"
>
> For fun, the next time someone mentions worms and IIS, and how *Nix is
> the best alternative, say three words: "UNIX. Morris. Worm."
>
> ---
> Billy Cravens
> Web Development, EDS
> [EMAIL PROTECTED]
>
>
> -----Original Message-----
> From: Benjamin Falloon [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, September 25, 2001 3:32 PM
> To: CF-Talk
> Subject: Re: Check out what Gartner is recommending. Drop IIS!
>
>
> Sure, I'm not saying that either Apache or other web server don't have
> holes, but running IIS is like walking around with a 'kick me' sign
> stuck to your back knowing full well it's there.
>
> People don't usually write viruses/worms for apache and other web
> servers... they usually just hack them which is always possible, but
> with IIS people are writting automated viruses/worms. I'd rather be
> hacked by a hacker with a sense of humour than have my how web serving
> directory nuked by an automated program.
>
> My point is that you would have less exposure to risk running
> alternatives because they aren't a massive target like IIS is.
>
> Benjamin
>
>
> ----- Original Message -----
> From: "Costas Piliotis" <[EMAIL PROTECTED]>
> To: "CF-Talk" <[EMAIL PROTECTED]>
> Sent: Wednesday, September 26, 2001 6:19 AM
> Subject: RE: Check out what Gartner is recommending. Drop IIS!
>
>
> > You know it's funny though. A quick search at www.securiteam.com
> > shows
> that
> > Apache and iPlanet have many vulnerabilities as well. Think perhaps
> > that the research is simply political? Hackers seem to actually
> > target IIS
> boxes
> > likely for their hatred of Micro$oft. I think there's more to this
> > than meets the eye...
> >
> > Remember, nothing's ever secure. As stated in the movie The Score:
> > "If someone built it, someone can break it".
> >
> >
> > -----Original Message-----
> > From: Benjamin Falloon [mailto:[EMAIL PROTECTED]]
> > Sent: Tuesday, September 25, 2001 12:42 PM
> > To: CF-Talk
> > Subject: Re: Check out what Gartner is recommending. Drop IIS!
> >
> >
> > Maybe a little OT, but my 2c.
> >
> > I wouldn't call that stupid at all.
> > Consider all of the attacks aimed squarely at IIS in the past few
> > months. It's only going to increase. I've had personal experience with
>
> > being
> hacked.
> > I run 2 internal IIS development boxes for CF and an internal hack
> replaced
> > *ALL* index.htm, default.htm files in all folders in the web serving
> > directory. Lucky more files where cfm.
> >
> > I'm not a 'server' admin (by title) but I can thank MS for this. If
> > they released a tighter web server with less vunerabilities maybe
> > there would
> be
> > fewer viruses/hacks that could penetrate. People shouldn't need to
> > have to patch every week.
> >
> > Doesn't that fact indicate that just *maybe* the software itself is
> > pretty shaky?
> >
> > Consider this quote from the article,
> >
> > "Gartner remains concerned that viruses and worms will continue to
> > attack IIS until Microsoft has released a completely rewritten,
> > thoroughly and publicly tested, new release of IIS,"
> >
> > Rewritten. That would be a good idea. Try to imagine a pair of pants
> > with
> as
> > many 'security' patches as is and will continue to be required for
> > IIS.
> I'd
> > say the pants would be more patches than pants.
> >
> > Just a thought,
> >
> > Benjamin
> >
> > PS maybe apache would be a good alternative.
> >
> >
> >
> > ----- Original Message -----
> > From: "Rey Bango" <[EMAIL PROTECTED]>
> > To: "CF-Talk" <[EMAIL PROTECTED]>
> > Sent: Wednesday, September 26, 2001 3:03 AM
> > Subject: OT: Check out what Gartner is recommending. Drop IIS!
> >
> >
> > > Now, I've always found Gartner to sway in a particular direction
> > > based in the wind changes and the phases of the moon but this
> > > recommendation is
> > just
> > > plain stupid. Check it out:
> > >
> > > http://news.cnet.com/news/0-1003-200-7294516.html
> > >
> > > Rey Bango
> > >
> > >
> > >
> >
> >
>
>
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Get the mailserver that powers this list at http://www.coolfusion.com
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/[email protected]/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
