Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 22 Oct 1998 13:32:56 -0400 (EDT)
From:      Robert Watson <robert@cyrus.watson.org>
To:        Deepwell Internet <freebsd@deepwell.com>
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: FrontPage Server Extensions
Message-ID:  <Pine.BSF.3.96.981022133043.4185A-100000@fledge.watson.org>
In-Reply-To: <4.1.0.67.19981022093228.009d4450@mail1.dcomm.net>

next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 22 Oct 1998, Deepwell Internet wrote:

> I'm in EXACTLY the same position. We run an ISP where our primary web
> server is a FreeBSD 2.2.6 box.  If someone requests to use frontpage I have
> to go through the point-and-click hell of adding them into the NT server
> (Add a user into the domain, create a new folder, add them into IIS with
> both a website and an FTP account).  This just turns into hell.
> 
> I've been seriously thinking about installing the frontpage extensions, but
> I'm a little weary since this is a Stronghold secure webserver.  People
> around the office have been saying that the FP extensions are insecure and
> buggy, but no one can point to any real examples.

At SafePort, we have some BSD/OS machines, and the same problem.  We would
far rather run UNIX than NT -- it's more manageable, customizable, secure,
etc.  However, we have lots of customers asking for FPE now.  I thought
about trying to reverse-engineer, but I don't have the time.  I wonder if
anyone on the Apache project, etc, has looked at doing this?  The security
issues with the MS product are a real concern, and we have been losing a
few customers because we are reluctant to install a known problem on our
servers.

  Robert N Watson 

Carnegie Mellon University            http://www.cmu.edu/
TIS Labs at Network Associates, Inc.  http://www.tis.com/
SafePort Network Services             http://www.safeport.com/
robert@fledge.watson.org              http://www.watson.org/~robert/


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.981022133043.4185A-100000>