OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Damien Adams (dadamsscientech.com)
Date: Thu Oct 04 2001 - 12:15:39 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    The Gartner study has already been picked apart and disregarded. Of course
    you would advocate a Linux or Unix product, you work for "Mission Critical
    Linux", seems to me like you are pushing your own agenda. I have heard
    people argue that Linux solutions dont turn things on by default,
    etc.,etc... Here is the thing to keep in mind. Windows offers ease of use,
    IIS offers ease of use. If people cant figure out how to turn off default
    services and keep their systems patched, in my opinion they are not going to
    be able to run a Linux box. Linux and Apache have not proven to be totally
    secure and efficient and they have exploits and vulnerabilites also. They
    require patches and updates be applied just like Windows. Each one has its
    own pros and cons and its up to each individual to figure out what solution
    will work best for their needs. Just my two cents on it.

    >>-----Original Message-----
    >>From: Derek D. Martin [mailto:ddmmclinux.com]
    >>Sent: Thursday, October 04, 2001 8:49 AM
    >>To: Kevin Kaminski
    >>Cc: 'focus-mssecurityfocus.com'
    >>Subject: Re: ICMP, NT and IIS: What is a safe cocktail?
    >>
    >>
    >>-----BEGIN PGP SIGNED MESSAGE-----
    >>Hash: SHA1
    >>
    >>Kevin Kaminski said:
    >>
    >>> I am looking at deploying a Win2K IIS server on the
    >>Internet. The only
    >>> services offered are IIS on port 80 and IPSec for
    >>administration. While
    >>
    >>Don't do it! You must resist!
    >>
    >>Seriously... even the Gartner Group, not renowned for being
    >>fans of open
    >>source software, are advising people not to use IIS, and to
    >>investigate alternatives.
    >>
    >> http://www3.gartner.com/DisplayDocument?doc_cd=101034
    >>
    >>Note that, while I would certainly prefer and advocate a Linux- or
    >>Unix-based solution, that doesn't mean you can't run say, Apache, on
    >>NT (yeah, 2000, SSDD). I wouldn't do it, but if you can't choose your
    >>OS or won't choose a better OS, you do have that option.
    >>
    >>- --
    >>Derek Martin
    >>Senior System Administrator
    >>Mission Critical Linux
    >>martinMissionCriticalLinux.com
    >>
    >>-----BEGIN PGP SIGNATURE-----
    >>Version: GnuPG v1.0.6 (GNU/Linux)
    >>Comment: For info see http://www.gnupg.org
    >>
    >>iD8DBQE7vFq5djdlQoHP510RAsw/AJ0XLelozvw3pzST/o+mU7E+IsgR4wCfRlT8
    >>Y/4S6VZXR//U4Tj4OFoAP9o=
    >>=QeHN
    >>-----END PGP SIGNATURE-----
    >>