LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

A second remote hole for OpenBSD

A second remote hole for OpenBSD

Posted Mar 15, 2007 23:10 UTC (Thu) by man_ls (subscriber, #15091)
In reply to: A second remote hole for OpenBSD by drag
Parent article: A second remote hole for OpenBSD

I'm surprised no-one has called on this:

Generally speaking, with administrators of equal skill level and websites with similar functionality, if you setup a Windows 2003-based web server vs a Linux-based web server the Windows server is going to be more secure.
Ehm, excuse me? Windows 2003 more secure than Linux?

Let me put this into perspective. I have two machines; one I load with the latest RHEL 4, the other one with the latest Windows 2003, default install. I place both machines on the public internet without a firewall, and wait to see which one stays out of trouble for a longer time. Would you bet for the Win2k3?

Same scenario, now I place both machines behind a firewall and just expose a web server (Apache on RHEL, IIS on w2k3), static HTML. Bets?

I know I keep my main machine connected via ADSL without a firewall and have never had a successful intrusion (that I know of); this with Debian, SUSE, Gentoo and lately Ubuntu. I had something which might have been a sporadic DOS with Dapper, long gone with Edgy. Maybe things have changed a lot, but even with w2k3 I wouldn't bet to stay connected long enough to download the latest patches without getting infected.

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds