| |||||||||||
|
| |||||||||||
April 2006 Web Server Survey (Netcraft)April 2006 Web Server Survey (Netcraft)Posted Apr 7, 2006 7:48 UTC (Fri) by danieldk (subscriber, #27876)In reply to: April 2006 Web Server Survey (Netcraft) by drag Parent article: April 2006 Web Server Survey (Netcraft)
Don't forget that many propietary software flaws that are not publicly reported, and even if they were there is no way to check that. Many opensource projects proactively publish security advisories for bugs that may *theoretically* be exploitable. Of course, there are some ugly security bugs every now and then. The question is what lines of defense are available in the case that there is some nasty bug. First of all, most GNU/Linux distributions have far better software management systems than Windows. Usually all packages on a production system are from distro package repositories. Updates are pulled in from one source. You do not have to get updates from different vendors that have different update mechanisms (I realise that this is not a real problem if a server just runs Windows + IIS). Besides that most modern Linux distributions have good protection mechanism like ExecShield and SELinux that help when a daemon is exploited.
The following article gives a good overview of the state of security in one of the popular Linux distributions:
(Log in to post comments)
|
|||||||||||