ZDNets Jack Danahy says IIS is unfairly accused

Submitted by charlie.collins on Sat, 10/06/2001 - 13:55

Tagged:

The Internets

Wow. In this article the acclaimed (Sarcasm intended) author proclaims that the platform is not the issue. Granted that many security problems are due to implementation regardless of platform but we can still face the reality that IIS has problems, cant we? These are platform problems. Many of the exploits available for IIS (past, present, future) were unknown when the trouble hit. This is absolutely a platform issue. Beware, the guy that wrote this is actually an executive (imagine that) at a security firm! See the article via the link. ZDNets Jack Danahy says IIS is unfairly accused

Add new comment

Comments

Re: ZDNets Jack Danahy says IIS is unfairly accused

Submitted by Fuse (not verified) on Sat, 10/06/2001 - 20:51.

Here's an article which clearly illustrates how to look like an ignorant fool in one easy lesson. A few basic facts have been conveniently overlooked. Most notably, CodeRed arrived PRIOR to Microsoft releasing their very inadequate patch. IIS still has some very major holes and I imagine some kid will soon demonstrate how easily one may take advantage of them. I've seen all sorts of articles comparing IIS and Apache, including some which show the numbers of vulnerabilities which have been reported for each, as if that in itself is an indication of the real situation. What is NOT addressed is the severity of the vulnerabilities or how quickly they are rectified. Come on people, how can anyone with even a glimmer of intelligence believe IIS is anything other than a virus magnet and a backdoor to your network?