Date: Sat, 9 Feb 2002 08:09:55 +0100 From: "Anthony Atkielski" <anthony@freebie.atkielski.com> To: "Charles Burns" <burnscharlesn@hotmail.com>, <freebsd-questions@FreeBSD.ORG> Subject: Re: Breaking permissions on Windows 2000 (Server Edition) Message-ID: <017801c1b138$d1504c30$0a00000a@atkielski.com> References: <F100mDvHbYxPoLMOEYz000057c8@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Charles writes: > I doubt that anyone would say with a straight > face that a Windows server using, say, IIS, > is more secure than a (say) FreeBSD or Solaris > server running Apache or Zeus. It depends on the type of attack. Windows has traditionally been less secure against "out of band" attacks, which for Windows means anything supporting standard Internet protocols such as HTTP or FTP, with their inherent near-absence of security. Windows cannot profit from its various architectural features enhancing security when supporting these protocols, and the general complexity of the OS, combined with this exposure, makes it easy to open holes in security. However, Windows is much more secure against "in band" attacks; for example, breaking into a Windows NT/2000 domain _without_ using one of the security-free Internet protocols is far more difficult than it would be on UNIX. The problem, of course, is that many Windows servers are running insecure Internet protocols, and in those circumstances they have a disadvantage compared to UNIX. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?017801c1b138$d1504c30$0a00000a>