IIS6 secure?

May 8th, 2005

Comments: 0
Category: Vulnerability Management

IIS6 secure?

Richard Monson-Haefel: Is Microsoft IIS 6.0 more secure than Apache HTTP Server 2.0?
Interesting posting on the relative security of IIS 6 and Apache 2.0. I’d agree that IIS 6 seems to have a MUCH better record than previous versions in terms both of vulnerability counts and initial configuration.
The only caveat I’ve got on it is my usual one about MS security, which is that with their products you have to look at the vulnerability of the whole stack as installed because it’s so darn difficult to separate out the bits you don’t want, unlike the situation with Apache running on something like Linux or BSD…
but I’ve done that rant before so I shan’t do it again…

Add a comment

Your email address will not be shared or published. Required fields are marked *