>From: "Simon Cope" <[EMAIL PROTECTED]>
>Subject: RE: ERM IWS on Unix?
>Date: Tue, 25 Sep 2001 13:41:43 +0800
>Reply-To: [EMAIL PROTECTED]
>
>Hi Nicholas,
Hi Simon
>> -----Original Message-----
>> Subject: ERM IWS on Unix?
>>
>> Does ERM IWS run on Unix?
>>
>> If not, is there any plans to in the future?
>
>there is currently not a Unix version of Image Web Server available,
>although it is possible this may happen in the (distant) future.
>
>> Currently this NIMDA virus is wreaking havoc with
>> our Microsoft IIS, and a shift to Unix would be
>> a good solution.
>
>Although I can sympathise with your position (my own system at home was
>infected with Code Red 2), my understanding is NIMDA has primarily been
>spread via email, and although it can attack IIS directly a properly patched
>and configured IIS is quite safe.
My information is that NIMDA is spread by four different methods,
one of which is email. As a specific example, NIMDA entered our
network (Dept Main Roads) through a IIS Server, which was admittedly
not properly patched, but the entry method was not email.
>Windows in general has a bad reputation for viruses and bugs, but the
>reality is it's not really any worse than other OS's when you factor in the
>amount of functionality it provides in comparison to your typical Unix
>system.
How much functionality is required to run ERMapper IWS?
Would it not be best to, out of all the systems that have sufficient
functionality, choose the system with highest security?
Eg. System X has lower functionality than IIS, but sufficient
to run ERMapper IWS, and also has higher security. Would that not
make a better choise than IIS, which has extra (unused) functionality
and lower security?
This depends on wether IIS is the only web server with sufficient
functionality to run IIS.
> That's the tradeoff the majority of the market has made
>(functionality vs security), and I really don't see it changing anytime
>soon.
As a result of the NIMDA virus, my department has increased their
minimum standards for security. The decision means that web servers that
don't have sufficient security don't run at all. At this point, having
lots of functionality is irrelevant.
> Most "viruses" on windows are quite basic and only survive through
>end-user error (clicking on unknown attachments, failing to update virus
>checkers etc). If nothing else you have to admit Microsoft does release
>patches very quickly for real security flaws - much faster than you could
>expect from the opensource community.
When I talked about Unix, I should have mentioned that I actually meant
Sun Solaris. They are not open source.
>The other thing to consider is a Unix version of Image Web Server would
>likely perform poorly due to architectural limitations.
Could you explain the architectural limitations of Sun Solaris version 8?
The OS comes bundled with Apache for free, and there are many other
commercial web servers that run on Sun Solaris. Currently 60% of the
world's web servers are Sun Solaris.
>Lastly, don't forget the first ever internet Worm was written for Unix and
>exploited a buffer-overrun security flaw (just like Code Red and NIMDA...)!
The first ever internet worm occurred in 1988. The fact that it exploited
Unix over a decade ago doesn't automatically mean that Unix is vulnerable
today.
>Regards,
>
>--
>Simon
>
>^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>^^^^^
> Simon Cope, : e-mail:
>[EMAIL PROTECTED]
> CTO - Internet Technologies, : WWW:
>http://www.ermapper.com
> Earth Resource Mapping Pty Ltd, : Int'l Phone: +61 8 9388 2900
> Level 2, 87 Colin St, West Perth. : Int'l Fax: +61 8 9388 2901
> Western Australia 6005 : Australia Phone: (08) 9388 2900
> : Australia Fax: (08) 9388 2901
Thankyou for your prompt reply Simon,
Nick
************************************************************
Opinions contained in this e-mail do not necessarily reflect
the opinions of the Queensland Department of Main Roads,
Queensland Transport or National Transport Secretariat, or
endorsed organisations utilising the same infrastructure.
If you have received this electronic mail message in error,
please immediately notify the sender and delete the message
from your computer.
************************************************************
-----------------------------------------------------------
To make changes to your subscription, please visit our website,
http://www.ermapper.com/technicl/ermapperl/index.htm
