Microsoft's IIS twice as likely to host malware than Apache

Discussion in 'Computer Support' started by Au79, Jun 8, 2007.

  1. Au79

    Au79 Guest

    Au79, Jun 8, 2007
    #1
    1. Advertisements

  2. Au79

    Mr. Arnold Guest

    "Au79" <> wrote in message
    news:K%2ai.463360$...
    > IT PRO - London,Greater London,UK
    >
    > "The integration between attacks originating from popular web sites and
    > desktop based vulnerabilities is particularly concerning ...


    If the developer doesn't know how to write secure Web solutions to face the
    Internet, then it doesn't matter what Web server is being used. If the
    framework on which the Web solution is based on is not a secure framework,
    then it doesn't matter how it was developed.

    If the administrators of the Web server(s) don't know how to secure the Web
    server properly, then it doesn't matter what Web server is being used.

    If the administrators of the O/S on which the Web server is running on don't
    know how to properly secure the O/S and underlying components of the O/S to
    be exposed to the Internet, then it doesn't matter what O/S is being used.

    Hell, most of them don't even know what a CSS attack is even about or other
    forms of attacks.

    http://en.wikipedia.org/wiki/Cross-site_scripting

    In general, most Web sites no matter what Web server is being used or the
    platform it's running on are wide open to attack, due to incompetence. They
    just throw things out there with no concern about security whatsoever.
     
    Mr. Arnold, Jun 8, 2007
    #2
    1. Advertisements

  3. Au79

    Fuzzy Logic Guest

    Au79 <> wrote in news:K%2ai.463360$:

    > IT PRO - London,Greater London,UK
    >
    > "The integration between attacks originating from popular web sites and
    > desktop based vulnerabilities is particularly concerning ...
    >
    ><http://www.itpro.co.uk/news/115085/microsofts-iis-twice-as-likely-to-host
    >-malware-than-apache.html>


    You off course left out the relevant quote from the article:

    "It is very interesting to see that in China and South Korea, a malicious server is much more likely to be running
    IIS than Apache," said Modadugu.

    The researcher said that the causes for IIS featuring more prominently in these countries could be due to
    factors, such as automatic updates and security patches not being enabled due to software piracy.
     
    Fuzzy Logic, Jun 8, 2007
    #3
  4. Au79

    Fuzzy Logic Guest

    Au79 <> wrote in news:K%2ai.463360$:

    > IT PRO - London,Greater London,UK
    >
    > "The integration between attacks originating from popular web sites and
    > desktop based vulnerabilities is particularly concerning ...
    >
    ><http://www.itpro.co.uk/news/115085/microsofts-iis-twice-as-likely-to-host
    >-malware-than-apache.html>


    The issue is unpatched servers. Properly maintained servers (IIS and Apache) are extremely unlikely to be
    comprimised. Of course you failed to mention this article:

    http://blog.washingtonpost.com/securityfix/2007/05/cyber_crooks_hijack_activities_1.html

    Which mentions that IPOWER hosted 700,000 sites of which it's uncertain how many have been compromised
    (250,000 was the estimate). The reason was failure to update Apache and PHP.

    When will you get it that it's not the software you use but how well you maintain it that's the primary factor in
    ensuring it's security?
     
    Fuzzy Logic, Jun 8, 2007
    #4
    1. Advertisements

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.
Similar Threads
  1. jonnah
    Replies:
    1
    Views:
    2,409
    mcaissie
    Apr 21, 2004
  2. moe_rodrigue

    IIS 6.0 win2003, IIS users

    moe_rodrigue, Apr 1, 2004, in forum: MCSE
    Replies:
    1
    Views:
    1,422
    MikeF
    Apr 1, 2004
  3. JoelSeph
    Replies:
    9
    Views:
    7,581
    JoelSeph
    Jan 23, 2006
  4. Peter
    Replies:
    0
    Views:
    875
    Peter
    Nov 17, 2004
  5. PowerPost2000

    Are big hard drives more likely to fail than smaller ones?

    PowerPost2000, Jun 4, 2005, in forum: Computer Support
    Replies:
    4
    Views:
    1,842
    Patrick
    Jun 5, 2005
  6. Lookout

    task bar twice as thick as it was

    Lookout, Aug 7, 2005, in forum: Computer Support
    Replies:
    6
    Views:
    2,745
    burris
    Aug 7, 2005
  7. Jojo the 90lb hottie

    Dane Cook: Great S.N.L. host or GREATEST S.N.L. host?

    Jojo the 90lb hottie, Feb 14, 2007, in forum: Digital Photography
    Replies:
    0
    Views:
    916
    Jojo the 90lb hottie
    Feb 14, 2007
  8. Galpersonal
    Replies:
    8
    Views:
    1,496
    universal4
    Aug 13, 2006
Loading...