| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
MS vows rewritten IIS, more patches | |
|
||
| Time: 12:11 EST/17:11 GMT | News Source: The Register | Posted By: Byron Hinson | ||
|
Microsoft has been stung into action by Gartner security analyst John Pescatore's conclusion that businesses should ditch IIS - the Beast's own web server - for safer alternatives. Redmond is telling its sales channel that a rewrite of IIS is underway for version 6.0, and will introduce interim security measures along the lines of the lock-down utility, because, it says, "we also realize customers cannot wait that long." Most remarkably, it's even mulling whether to leave the web server IIS - along with many other services - uninstalled by default. The comments are in a bulletin sent to its sales staff and resellers, and seen by The Register. | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 317 Last | Next |
The time now is
7:08:25 AM
ET.
Any comment problems? E-mail us |
| #1 By 94 (63.207.180.66) at 9/25/2001 2:50:58 PM |
|
#2; You can already run Apache 1.3 and 2.0 on Windows 2000. Not that you'd want to. When Apache 2.0 is finally at a stable release, it will be a nice alternative, but I'd still stick with IIS. Once MS gets there act together and allows for automatic patches to be downloaded, it will be even better. I also like the idea of not having it installed by default. I think MS should be like everyone else and have the bare minimum selected during install, but still give you the ability to check the checkbox during installation for custom installs. This would probably make a lot of security guys happy.
I've always belived in one important idea..."There will always be security holes in operating systems whether their open source or not. OS's will always have fixes and patches. These OS's should not be judged by their security faults, but by the ability to fix them." Wether you're running BSD, Linux, or Windows 2000 you need to know what you're doing or will be susceptible to all kinds of problems. I will agree that by default MS has more problems with security than anyone else, but keeping your fixes and patches up to date, installing only the serivces you absolutly need, you should be ok. I dont know about the rest of you, but I get an email everytime a patch is released from MS. I then download it, and patch it. (if its applicable) It doesn't take but 10-15 minutes. I might have to wait till off hours to patch some holes, but MS if starting to fix that as well with no reboot patches. Gartner talks about having a patch a week for IIS, thats a load of crap. The last patch released by MS that I needed to patch was on June 18th, 2001. (MS01-044 was a package of already relased patches, so I'm not counting that) |
| #2 By 20 (168.215.253.242) at 9/25/2001 3:00:09 PM |
|
Sorry, I wrote #5. I didn't mean to post anonymously, but the comment form is broken. If you type in your user/pass, it still posts anonymously.
Oh well, sorry for the confusion. |
| #3 By 94 (63.207.180.66) at 9/25/2001 4:49:14 PM |
| Being #6, I take offense. I didn't say anything negative about Apache. And I am familiar with it. I look forward to future releases of version 2. However version 1.3 doesn't do it for me. I too have a linux box running Apache and I agree, it's very stable. I also have a W2K box that is very stable. Oh, and a FreeBSD box that, well, is obviously very stable. Another obvious pearl of wisdom I like to say is this "Never limit yourself to championing one cause." If you're a pure linux fanatic, and you go around saying that linux is the best and only OS, then you're asking for a doomed future. I don't do that for anyone OS. They are all good in some areas, and lacking in others. But I will defend Windows when it is attacked needlessly, as I will with Linux. |
| #4 By 94 (63.207.180.66) at 9/25/2001 5:01:15 PM |
|
One other thing I would like to add, in case anyone from .NET product dev is reading these. How about having setup check the internet for updates BEFORE the IIS service is started for the first time? That way, the casual user that installs IIS, and doesn't know anything about it, won't have to worry about these things.
#12, sorry, wasn't directing that at you exactly, just in general. You and I pretty much agree, but I was just venting my thoughts. This post was edited by caryfields on Tuesday, September 25, 2001 at 17:11. |
| #5 By 116 (66.68.134.68) at 9/25/2001 11:23:29 PM |
| After all this talk about the stability of Apache and how great it is. . . You guys better knock on wood fast. I would bet money that a flaw is going to come out soon and you guys will be toast. |
| #6 By 94 (24.165.180.51) at 9/26/2001 1:11:33 AM |
|
Really? I always though slipstream was only related to RIS. Didn't know you could do it to a server. Can you tell me more? If you can point me to a web site that would be great. I'll start doing some searches in the meantime. Thanks for the heads up. This post was edited by caryfields on Wednesday, September 26, 2001 at 01:13. |
| #7 By 116 (129.116.86.41) at 9/26/2001 8:51:05 AM |
|
Slipstreaming can only be done to your installation files. If you download the service pack it includes a document detailing your deployment options. Slipstreaming doesn't check the internet before hand. You have to do that manually. So basically when you install the OS you install the OS plus the service pack. This is also called integrated installation. You can use RIS or you can even make a separate Windows 2000 boot CD.
Check out: http://www.bink.nu/bootcd/ From MS: http://www.microsoft.com/windows2000/techinfo/planning/incremental/sp2guide.asp Read the SPDeploy.doc it tells you your different options and how to do it. |
|
Write Comment
Return to News |
Displaying 1 through 25 of 317 Last | Next |
The time now is
7:08:25 AM
ET.
Any comment problems? E-mail us |
