> > >HTTP.SYS is for quick static responses. > > > > > >They may be cached html files sent via > > >the Windows kernel. Not a real new big > > >business web server. But may be a server > > >for the one man shop and may be for security > > >of open ports, etc. :) > > > > I have to say you are wrong. > > Okay I often am but where? :)
I've quoted the lines in your are wrong in my opinion.:) Summarized: only static files, only small server, improved security > So I believe you are saying I am wrong with > "HTTP.SYS is for quick static responses."? > > Perhaps this > HTTP.SYS "main idea and heart" is for quick > static responses. It could be designed for static responses but it has to be at least as fast as Winsock is in dynamic responses as it does the same, but can be faster in dynamic responses as well as does some preprocession in kernel mode and don't trasfer invalid data to user mode. > > And I think HTTP API doesn't provides any > > extra security. > > > > Okay for starters, what happens when > on Windows XP SP2 HTTP.SYS gets > an invalid request when controlling all > ports? HTTP.SYS doesn't includes a firewall, but Windows Firewall (and any other firewall) can be used with any HTTP server. If all port is open (it's a really huge number of open ports, but why not:)) or if a single port is open on all IPs or a single port is open on a single IP it has to be request (including invalid ones) has to be handled the same way by the server. You are right that HTTP.SYS filters invalid requests but a public HTTP server has to filter all the requests that it cannot process or are invalid. > Or a request for access on an open > port but nothing defined with HTTP.SYS > for that open port? In any other cases a port will only be opened if neeeded. But in the case if a prot is listenig but no requests will be accepted is only a processor and network overhead. > Now compare the difference with > a computer with an open port but > no HTTP.SYS on Windows XP SP1. > > See any big security differences? Sorry, but I don't see them. Sincerely, Kornel
