Welcome To The Home Of The Visual FoxPro Experts  
home. signup. forum. archives. search. google. articles. downloads. faq. members. weblogs. file info. rss.
 From: Ammar Hadi
  Where is Ammar Hadi?
 Al-Samawah
 Iraq
 Ammar Hadi
 To: Stefan Wuebbe
  Where is Stefan Wuebbe?
 Hamburg
 Germany
 Stefan Wuebbe
 Tags
Subject: RE: WebDAV Security hole in IIS 6.0
Thread ID: 228327 Message ID: 228406 # Views: 1 # Ratings: 0
Version: Not Applicable Category: Security and Application Protection
Date: Monday, May 18, 2009 6:59:38 PM         
   


> Hi Ammar -
>
> I feel honored that you want to hear my idea about it :-)
> It's just a for-what-it's-worth idea though, not at all objective:
> In former times, the first versions of IIS were completely unsafe, while Apache was much better.
> MS used not to care much for security, often known security issues in MS products were not patched
> for months. IIS used to be mentioned in the known-security-issues lists every other week.
>
> Since a few years, beginning someday in the late 1990s, MS changed it's policy.
> In the meantime, they can compare, Windows Update, i.e. patch managment and testing, works surprisingly well.
> Although there are still several legacies, e.g. some 10,000 bots out there, being controlled by organized
> criminals, because WinXP, as the 90++% monopoly O/S still allocates admin privileges for default accounts
> (Vista UAC does better).
>
> However, IIS does not get accused by the security experts very often anymore.
> My personal bottom line is that if I were a full-time Web admin, I would not refuse to take a look at IIS
> these days, although Apache might still be my first choice.
> The article you mentioned seems to be a mixture of facts and advertisement though, not extremely neutral,
> I'd say.
>
>
> Regards
> -Stefan

Thanks Stefan, I am the one who should feel honored. :-)

A good bunch of info.

Ammar Hadi ................IRAQ

My Foxite Weblog

---------------
I I I really love foxite
___________________________

ENTIRE THREAD

WebDAV Security hole in IIS 6.0 Posted by Stefan Wuebbe @ 5/18/2009 10:44:39 AM
RE: WebDAV Security hole in IIS 6.0 Posted by Ammar Hadi @ 5/18/2009 4:50:49 PM
RE: WebDAV Security hole in IIS 6.0 Posted by Stefan Wuebbe @ 5/18/2009 6:48:11 PM
RE: WebDAV Security hole in IIS 6.0 Posted by Ammar Hadi @ 5/18/2009 6:59:38 PM
RE: WebDAV Security hole in IIS 6.0 Posted by Stefan Wuebbe @ 5/19/2009 5:04:32 PM
RE: WebDAV Security hole in IIS 6.0 Posted by Ammar Hadi @ 5/20/2009 11:04:03 AM