IIS on XP Home - Page 4 - HTML Forums

dimeric · 08-19-2007, 01:31 PM

Sorry but this thread takes the piss. BillyGalbreath you clearly know sod all about internet security. If you look at the actual numbers of attacks then windows sever 2003 comes out as the most secure server OS and microsoft MSSQL is by far and away the most secure database.

It is important to actually look at data and not just shout "LINUX AMZ REALLY SECUREZZZZ" as its just plain incorrect. MySpace and ebay both are based on .net (ebay also uses Java as they have quite a complicated set up).

If you look at server vunerabilities fixed this year (in the attached image).
Wow look how bad windows server 2003 is!

By the way RHEL stands for Red Hat Enterprise Linux, as RHEL5 has only been out since march the YTD figures are only from march.

If you want to shoot your mouth off about how much you know about security then it might be worth actually doing a little bit of reasearch.

(That image comes from Jeff Jones Blog http://blogs.technet.com/security/default.aspx, he's one of the head guys for security at MS)

BillyGalbreath · 08-19-2007, 04:52 PM

RHEL is a joke - Red Hat was a joke way back before they went "enterprise" and started charging for their software. Find a chart with BSD, Debian, or Slackware compared to a Windows 2003 server... Someone from MS is not going to show you that kind of graph because they are clearly not as secure. They take the outcast of the *nix world to use as their scapegoat. I wouldn't put any of those Linux distros on any of my computers, not even a desktop for my kids...

And BTW - the chart proves nothing except REHL and Novel fixed more vulnerability issues. Did they take into account that most Microsoft updates are often slow (if ever) to be released? Or maybe MS never could fix the vulnerabilities found. Someone that works for MS is surely not going to show you that kind of data...

Open Source software that is proven to be secure (Like Debian Stable) is more secure than any Windows OS, hands down.

alyssasdaddy · 08-19-2007, 05:00 PM

Quote:

Sorry but this thread takes the piss. BillyGalbreath you clearly know sod all about internet security. If you look at the actual numbers of attacks then windows sever 2003 comes out as the most secure server OS and microsoft MSSQL is by far and away the most secure database.

It is important to actually look at data and not just shout "LINUX AMZ REALLY SECUREZZZZ" as its just plain incorrect. MySpace and ebay both are based on .net (ebay also uses Java as they have quite a complicated set up).

If you look at server vunerabilities fixed this year (in the attached image).
Wow look how bad windows server 2003 is!

By the way RHEL stands for Red Hat Enterprise Linux, as RHEL5 has only been out since march the YTD figures are only from march.

If you want to shoot your mouth off about how much you know about security then it might be worth actually doing a little bit of reasearch.

(That image comes from Jeff Jones Blog http://blogs.technet.com/security/default.aspx, he's one of the head guys for security at MS)

Yesterday 08:42 AM

Are you kidding me? Please tell me you are.

dimeric · 08-19-2007, 05:12 PM

No its because BSD, Debian, or Slackware are not enterprise. RHEL is just a normal version of LINUX but is an enterprise edition (so you are garunteed a security response). As for days not fixed charts have a look at the attached graph from the same site.

You

I'm sorry but you don't seem to be providing anything close to science its just shouting and saying words like prooved, perhaps a recent report by security innovation (http://www.securityinnovation.com/pd...inal_study.pdf) might help.

Oh and as for

Quote:

Open Source software that is proven to be secure (Like Debian Stable) is more secure than any Windows OS, hands down.

Do you want to quantify any of that or just keep using rhetoric.

Why would i be kidding?

Hang on i just realised that there is no way in hell you are actually going to read that report so here is one paragraph from the Executive Summary of the report:

Quote:

Our study shows a total of 52 such vulnerabilities for the Windows Server 2003 based solution compared with 132 vulnerabilities for the minimally configured Red Hat Enterprise Linux server based solution and 174 vulnerabilities for the default Red Hat Enterprise Linux server based solution. Additionally, when examining the “days of risk” – time between when a vulnerability is publicly disclosed to when a patch is released by the vendor for that vulnerability – we found an average of 31.3 days of risk per vulnerability for the Windows solution, 69.6 days of risk per vulnerability for the minimal Linux solution and 71.4 days of risk for the default Linux solution.

BillyGalbreath · 08-19-2007, 05:28 PM

http://en.wikipedia.org/wiki/Compari...Linux#Security

An unbiased view (both sides get to rewrite this article, so its mutual for both sides of the argument).

BillyGalbreath · 08-19-2007, 05:33 PM

Just in case you dont want to follow the link.. here is a section of it...

Quote:

To determine what constitutes secure software, working backwards from insecurity is illuminative. The ideal software to facilitate the spread of malware has several characteristics. It should be:

* Widely used, to maximize the number of those who could be infected, and the likelihood that infected systems will contact others able to be infected
* Slowly patched, to maximize the time the malware remains effective, and minimize development effort for new malware
* Monolithic with no compartmentalization of components, to maximize the damage malware can do

Secure software should therefore have a small user base to discourage malware development, rapid updates to neutralize new threats, and a compartmentalized structure that isolates damaged sections. Linux is superior to Windows in all three areas. The last is achieved by separating user and root privileges.

Prior to Windows Vista, almost all Windows users were given a root account by default because lesser accounts were overly restrictive for most users. Linux user account tiers have historically allowed greater control, precluding the need for all users to have root access. Without root, it becomes much more difficult for malware to spread.

dimeric · 08-19-2007, 05:38 PM

Thats not evidence its just a series of statements, oh and how "both sides can edit it" counts as being fair i don't understand. I mean scientific evidence where people do research not Wikipedia.

alyssasdaddy · 08-19-2007, 05:47 PM

Bravo Billy (<-- Is that inappropriate language too)

Well said Billy

And Afterburn; Next time you view something of inappropriate think of all possibility's or the subject matter. RTFM (Read the faq manual) is not inappropriate for the subject.

lets think of other ways that can be done

Read the free manual
Read the facts man
Read the Fix manual
Read the Family manual
Red Trunk for me
Ready to fight men
Ready to feel mighty
ready to fix motorcycles
reading the free manual
Reading to forget myself

I can think of alot more but i think that you get the idea

BillyGalbreath · 08-19-2007, 05:49 PM

Quote:

Originally Posted by dimeric

Thats not evidence its just a series of statements, oh and how "both sides can edit it" counts as being fair i don't understand. I mean scientific evidence where people do research not Wikipedia.

You just harden my words. MS users really are ignorant.

alyssasdaddy · 08-19-2007, 05:53 PM

dimeric,

Yes Windows is superior to Linux, In your mind and everyone else that argues that fact, However Linux is superior to Winblows in Billy's mind simple. and everyone that argues that. I for one will stick and stand by Linux for what it is worth.

From personal experience Linus has been ten times more the Winblows, I have used Win XP and 2000 AS so i do have room to talk now my servers are Linux and my DE's are Linux.

Pegasus · 08-19-2007, 06:28 PM

Gentlemen, this looks like an unwinnable argument, neither side is going to give an inch.

So here's the deal.

I'm a Mac-user. I know squat about ASP but from what I've been able to gather, IIS cannot be run on XP Home. You need to have XP Pro, at the very least. Now I'll close the thread.

Pegasus