|
For all intents and purposes, win2k and XP are considered NT. Just as 95/98/98se/millenium are all 9x. It is a little easier than referring to 7 different product lines :) And here is a link for that honeynet project. I agree, very interesting stuff. http://project.honeynet.org/ Adam Lang Systems Engineer Rutgers Casualty Insurance Company http://www.rutgersinsurance.com ----- Original Message ----- From: "Jim Franz" <franz400@triad.rr.com> To: <midrange-l@midrange.com> Sent: Monday, December 31, 2001 10:44 PM Subject: Re: Is IIS worth the risk? > It doesn't take a reasonable excuse for a large part of the hacker community > to target IIS. (btw-IIS is not just NT, but also W2K & XP). The Gartner > warning which > started this about IIS clearly stated that for whatever reason, MS & IIS > will > continue to be a target. They also stated that IIS will continue to be > vulnerable > until MS rewrites it from scratch. Till then the patches will continue. That > makes > the cost of using/maintaining IIS very high. Why hackers do it is > irrelevant. > IIS is now a target of favor. If using IIS, make a business decision as to > what to do. > > If you want to know more about the "why" and "how", read 'Know your Enemy - > the > Honeynet Project' about a group tracking both Win & unix hackers. > imho > jim franz > > ----- Original Message ----- > From: "Adam Lang" <aalang@rutgersinsurance.com> > To: <midrange-l@midrange.com> > Sent: Monday, December 31, 2001 1:43 PM > Subject: Re: Is IIS worth the risk? > > > > I know, but the article was geared towards IIS and not email viruses, so > the > > desktop user base is a bit irrelevant. How much of the Windows user base > is > > actually NT? And then how many actually have IIS running? > > > > Server insecurity being blamed on the number of users making it a juicier > > target is a cop out. Not a justified excuse. > > > > Adam Lang > > Systems Engineer > > Rutgers Casualty Insurance Company > > http://www.rutgersinsurance.com > > ----- Original Message ----- > > From: "Jim Franz" <franz400@triad.rr.com> > > To: <midrange-l@midrange.com> > > Sent: Monday, December 31, 2001 12:57 PM > > Subject: Re: Is IIS worth the risk? > > > > > > > I think the article's description of "gigantic install base" refers to > the > > > desktops, > > > not the servers. Email virus generally attack desktop Outlook & Outlook > > > Express > > > (because it's easy and causes great "panic"). Behind the 26% IIS servers > > on > > > the > > > net are an incredible amount of desktops. Someone could theoretically > > > interfere > > > with the 5250 data stream, but who would notice? > > > imho > > > jim franz > > > > > > ----- Original Message ----- > > > From: "Adam Lang" <aalang@rutgersinsurance.com> > > > To: <midrange-l@midrange.com> > > > Sent: Monday, December 31, 2001 11:31 AM > > > Subject: Re: Is IIS worth the risk? > > > > > > > > > > Quote from article: > > > > > > > > "Worms, site defacements, and DDoS (distributed denial of service) > > attacks > > > > strike non-Microsoft servers daily. Microsoft simply makes a juicier > > > target, > > > > mostly by virtue of its gigantic installed base, than any of its > > > > competitors." > > > > > > > > Which is a load of crap. This justifies email viruses. Apache owns > 60% > > > of > > > > the webserver market. IIS about 20 to 25%. > > > > > > > > Adam Lang > > > > Systems Engineer > > > > Rutgers Casualty Insurance Company > > > > http://www.rutgersinsurance.com > > > > ----- Original Message ----- > > > > From: <jpcarr@tredegar.com> > > > > To: <midrange-l@midrange.com> > > > > Sent: Monday, December 31, 2001 11:09 AM > > > > Subject: Is IIS worth the risk? > > > > > > > > > > > > > > > > > > Neat article. > > > > > > > > > > http://www.infoworld.com/articles/tc/xml/01/12/24/011224tcpcp.xml > > > > > > > > > > Maybe should write to the writers and name some server that may not > > have > > > > > had any publicity about being the target of viruses. > > > > > > > > > > John > > > > > > > > > > > > _______________________________________________ > > > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing > > list > > > To post a message email: MIDRANGE-L@midrange.com > > > To subscribe, unsubscribe, or change list options, > > > visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l > > > or email: MIDRANGE-L-request@midrange.com > > > Before posting, please take a moment to review the archives > > > at http://archive.midrange.com/midrange-l. > > > > > > > > > > > > > > _______________________________________________ > > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing > list > > To post a message email: MIDRANGE-L@midrange.com > > To subscribe, unsubscribe, or change list options, > > visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l > > or email: MIDRANGE-L-request@midrange.com > > Before posting, please take a moment to review the archives > > at http://archive.midrange.com/midrange-l. > > > > > > > _______________________________________________ > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list > To post a message email: MIDRANGE-L@midrange.com > To subscribe, unsubscribe, or change list options, > visit: http://lists.midrange.com/cgi-bin/listinfo/midrange-l > or email: MIDRANGE-L-request@midrange.com > Before posting, please take a moment to review the archives > at http://archive.midrange.com/midrange-l. > >
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.
midrange.com
