mailing list archives
Re: LAMP vs Microsoft
From: "Jarrod Frates" <jfrates.ml () gmail com>
Date: Mon, 10 Jul 2006 10:19:11 -0700
The debates that go back and forth on this relate to the inherent
difference between LAMP and a Microsoft platform. When you install
LAMP (using CentOS or Debian for a baseline installation, for
example), what applications are you including that are not in the
Windows environment? What applications are included in Windows that
are not in the LAMP environment?
Perhaps a more specifically-defined question would be more useful.
Are you probing for the entire platform, or just the web-visible
architecture? If it's just a comparison of Apache/MySQL/PHP on a
Linux kernel compared to just IIS/MSDE/ASP on a Windows kernel, that
may make more sense than an overall comparison. Further specifying
whether only kernel exploits that are remotely-accessible should be
included or if all kernel exploits should be counted would also be of
I don't have the numbers for a comparison of this type, but they would
probably be of some interest if someone wanted to put them together.
Might not be terribly difficult, either.
On 7/9/06, Darren Reed <avalon () caligula anu edu au> wrote:
Does anyone have statistics on the cumulative vulnerabilities
in LAMP vs the equivalent for Microsoft ? (I'm also interested
in whether there are better, as in more secure, environments than
If the number of vulnerabilities is graphed over time, is either
heading down or both heading up or...?
- I'm not asking for a "who's better", I just want to know if
anyone has a good set of numbers and if they're graphed for easy
p.s. LAMP = Linux/Apache/MySQL/PHP