<<< Date Index >>>     <<< Thread Index >>>

Re: LAMP vs Microsoft



The debates that go back and forth on this relate to the inherent
difference between LAMP and a Microsoft platform.  When you install
LAMP (using CentOS or Debian for a baseline installation, for
example), what applications are you including that are not in the
Windows environment?  What applications are included in Windows that
are not in the LAMP environment?

Perhaps a more specifically-defined question would be more useful.
Are you probing for the entire platform, or just the web-visible
architecture?  If it's just a comparison of Apache/MySQL/PHP on a
Linux kernel compared to just IIS/MSDE/ASP on a Windows kernel, that
may make more sense than an overall comparison.  Further specifying
whether only kernel exploits that are remotely-accessible should be
included or if all kernel exploits should be counted would also be of
use.

I don't have the numbers for a comparison of this type, but they would
probably be of some interest if someone wanted to put them together.
Might not be terribly difficult, either.


Jarrod

On 7/9/06, Darren Reed <avalon@xxxxxxxxxxxxxxxxxxx> wrote:

Does anyone have statistics on the cumulative vulnerabilities
in LAMP vs the equivalent for Microsoft ?  (I'm also interested
in whether there are better, as in more secure, environments than
LAMP.)

If the number of vulnerabilities is graphed over time, is either
heading down or both heading up or...?

- I'm not asking for a "who's better", I just want to know if
anyone has a good set of numbers and if they're graphed for easy
comparison.

Thanks,
Darren

p.s. LAMP = Linux/Apache/MySQL/PHP