Hi, Hi, If you are not trying to run this on a desktop then Windows Server 2003 already comes with IIS6 - which is it might surprise you to know is one of the most secure web servers around as regards known vulnerabilities. One minor denial of service issue in 2004 is the only issue with IIS6 since release. See http://www.microsoft.com/technet/security/current.aspx
For anyone interested, several very large hosting companies have recently migrated to Windows server (from Linux / Apache). See http://news.netcraft.com/ "Microsoft continues to gain share in the web server market, chipping away at Apache's commanding lead. The number of hostnames on Windows servers grew by 4.5 million, giving Microsoft 29.7% market share, a gain of 4.25% for the month. Apache had a decline of 429K hostnames, and loses 3.5% to 61.25%. Apache's lead over Microsoft, which stood at 48.2% in March, has been narrowed to 31.5%, a shift of 16.7% in just three months. The largest movement of sites from Apache to IIS was once again at Go Daddy, with over 1.6M hostnames moving from Apache to IIS this month. While those parked domains were a major factor in Microsoft's gains, Windows also saw solid growth in active sites, hostnames that contain content and likely to represent developed web sites." Probably surprising to most on this list, but true! -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Anothony Georgeo Sent: 07 June 2006 17:54 To: [email protected] Subject: "SHTTPD": Windows web-server, light-weight, stand-alone and multi-platform (Unix, etc) Hi, I was reading <http://tor.eff.org/docs/tor-hidden-service.html.en> and I thought I could help with the the following question: --- If you're on Windows, ...what should we suggest here? Is there a good simple free software (not just "freeware") web server for Windows? Please let me know what we should say here. --- IMO "Shttpd" ("Simple HTTPD") is a worthy candidate as a Windows web-server for use with HiddenServices. <http://shttpd.sourceforge.net/> Shttpd is a very nice, secure(SSL), free & open-source (MIT license), light-weight and stand-alone web-server which is multi-platform (Win32, Unix, Linux, *BSD, MacOS, QNX, Solaris). Shttpd has a great and easy to use GUI and the code for Shttpd was security reviewed by Adam Zeldis. Quotes from the site: --- Overview: SHTTPD is a lightweight web server. The main design goals are the ease of use and the ability to embed. Ideal for personal use, web-based software demos (like PHP, Perl etc), quick file sharing. A care has been taken to make the code secure. SHTTPD is licensed under the terms of MIT license. --- --- Features: * Small. Fast. No bloat, no installation. * GET, POST, HEAD, PUT, DELETE methods * CGI, SSL, digest auth, resumed download, aliases * Standard logging (combined format) * Very simple and clean embedded API * dietlibc friendly. NOT that friendly to the uClibc --- Regards, __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
