[Dailydave] Graphing: Don't believe everything you see.
LMH
lmh at info-pull.com
Wed Feb 7 13:15:39 EST 2007
On 2/7/07, George Ou <george_ou at lanarchitect.net> wrote:
> Ok this is really stupid. Why is it that Apache has so many more critical
> flaws than IIS 6.0 then?
>
> IIS 6.0
> http://secunia.com/product/1438/?task=advisories
>
> Apache 2.0
> http://secunia.com/product/73/?task=advisories
>
> Note that a lot of those Apache advisories are MULTIPLE exploits.
http://secunia.com/product/4661/
lighttpd "just" has 3 known "advisories" released there. And well,
running lighttpd on a production system and being concerned about
security is pretty much like walking nude in a donkey farm, fully
covered with pheromones.
Any 'study' done upon known statistics is already a flawed assumption
as a whole.
Not that I'm doing propaganda for Apache. Given that nowadays people
pretend to publicize mod_security and friends for improving the
security of their 'web applications' the situation isn't really nice,
for them.
Cheers.
More information about the Dailydave
mailing list