Anti-Virus Software ?
Mark Haney
mhaney at interactsys.com
Fri Oct 8 20:43:41 UTC 2004
On Fri, 2004-10-08 at 16:39, John Thompson wrote:
> Matthew Miller wrote:
>
> > On Fri, Oct 08, 2004 at 02:32:02PM -0500, John Thompson wrote:
> >
> >>exploits. If this were true, however, we would expect that in markets
> >>where Windows has less penetration -- e.g. internet severs, where
> >>Windows servers comprise ~40% of the market -- that Windows should only
> >>suffer ~40% of the exploits in this arena. That is not what we see,
> >>however: even with ~40% of the internet server market, Windows still
> >>suffers ~95% of the significant exploits. One can conclude from this
> >>that Windows is inherently less secure than other platforms.
>
> > One can conclude all sorts of things. :)
> >
> > But the one you've picked doesn't necessarily follow. 95% of desktop share
> > might lead to increased incentive and ability to develop exploits, which
> > then _happen_ to also work when the same OS is used in other markets --
> > leading to more exploits there than you would expect by looking at that
> > segment in a vacuum.
>
> But the vast majority of desktop exploits involve Internet Explorer and
> Outlook and/or Outlook Express. Neither of these should be doing much
> on internet *servers* and conversely, IIS and other Windows server
> exploits should have little relevance to desktop users. So I think my
> point still stands...
>
> --
>
> -John (john at os2.dhs.org)
It stands only when you consider my statements earlier about being all
things to all people. You are exactly right, those items should _never_
be on a server. However, have you ever tried to use SQLMail in SQL
Server? It _requires_ Outlook installed for certain (MAPI?) dlls. I
have maintained all along that there is no reason for any Windows server
to run a GUI by default. (Totally irrelevant to my point though...).
This is going to be MS's undoing. Total integration is not a good
thing. Unless you build completely separate codebases for server and
workstation.
--------------------------------------
Mark Haney
Network Administrator
InterAct Public Safety Systems
mhaney at interactsys.com
Fedora Core release 2 (Tettnang) Kernel: 2.6.8-1.521 GNU/Linux
16:40:15 up 8:58, 2 users, load average: 10.16, 9.14, 8.57
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20041008/d64867fb/attachment-0001.sig>
More information about the fedora-list
mailing list