I agree with Dave entirely here (and I'm sure Dave just breated a huge sigh of relief). Microsoft (and IIS as a result), because of its position in the marketplace, is held to a higher level of scrutiny, and this, the flaws that do exist are publicized with a level of glee at Slashdot and the like. As a result, the anti-Microsoft community is actually helping to make IIS a better, more secure product. To compare, Apache has 86 listed vulnerabilities on securityfocus.com, IIS has 142; certainly, IIS has more, but given the noise that the Open Source community makes about how insecure IIS is, I would expect Apache to be darn near impregnable. The other problem with IIS is that it is almost TOO EASY to set up with the default configuration, which is certainly less secure than how a knowledgeable IIS sysadmin would set it up.
Just my $.02 Pete ______________________________________________________________________ Get Your Own Dedicated Windows 2000 Server PIII 800 / 256 MB RAM / 40 GB HD / 20 GB MO/XFER Instant Activation � $99/Month � Free Setup http://www.pennyhost.com/redirect.cfm?adcode=coldfusionb FAQ: http://www.thenetprofits.co.uk/coldfusion/faq Archives: http://www.mail-archive.com/[email protected]/ Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
