Security Basics mailing list archives

RE: CGI security vs ASP security

From: "Jon Pastore" <jpastore () idetech net>
Date: Wed, 16 Apr 2003 15:15:15 -0400

Right on...that's what we use for a massive intranet application we
developed to interact with PostgreSQL...fast and awesome we love it...

We're also thinking about starting a non profit organization call NMMS
for no more Microsoft =) code name: project nemesis

We're looking to go to a completely non Microsoft environment in the
next year....Red Hat 8 didn't help that cause...=(

Jon Pastore, President
IDE Tech, Inc.
(954) 360-0393 Office
(954) 428-0442 Fax



-----Original Message-----
From: Jens Porup [mailto:jens () cyber com au] 
Sent: Tuesday, April 15, 2003 9:35 PM
To: security-basics () securityfocus com
Subject: Re: CGI security vs ASP security


On Tue, Apr 15, 2003 at 11:26:00AM -0700, Kline, Nathan C - CIEP-3
wrote:

<snip>
The bottom line though is both are dated technologies. Java or .NET,
being cutting edge complied languages will give you much better
performance, scalability, and security then CGI or ASP.


Rubbish. That's Pointy Haired Boss cant and you know it. 

First of all, Java is hardly a "cutting edge compiled language"--it runs
as byte code on the JVM, which is no faster than Perl running CGI
programs using mod_perl and apache. 

Second of all, .Net is not platform-independent. Do you *really* want to
get squeezed by the nuts by Microsoft every year or so for license 
fees? 

Third of all, and most importantly, is developer time. Perl is a
fully-fledged Rapid Application Development language that enables Perl
hackers to produce quality code much faster than their Java or C++
counterparts.

Perl is fast, easily scalable using Object Oriented Perl, and runs
securely on more platforms than Java. 

Jens

------------------------------------------------------------------------
---
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam,
the 
world's premier event for IT and network security experts.  The two-day 
Training features 6 hand-on courses on May 12-13 taught by
professionals.  
The two-day Briefings on May 14-15 features 24 top speakers with no
vendor 
sales pitches.  Deadline for the best rates is April 25.  Register today
to 
ensure your place.
http://www.securityfocus.com/BlackHat-security-basics 
------------------------------------------------------------------------
----


---------------------------------------------------------------------------
Attend Black Hat Briefings & Training Europe, May 12-15 in Amsterdam, the 
world's premier event for IT and network security experts.  The two-day 
Training features 6 hand-on courses on May 12-13 taught by professionals.  
The two-day Briefings on May 14-15 features 24 top speakers with no vendor 
sales pitches.  Deadline for the best rates is April 25.  Register today to 
ensure your place.  http://www.securityfocus.com/BlackHat-security-basics 
----------------------------------------------------------------------------

Current thread:

CGI security vs ASP security Teodorski, Chris (Apr 11)
- Re: CGI security vs ASP security Jens Porup (Apr 14)
  - Re: CGI security vs ASP security Corey Schaffer (Apr 15)
  - RE: CGI security vs ASP security David Gillett (Apr 15)
  - RE: CGI security vs ASP security Sarbjit Singh Gill (Apr 17)
  - Re: CGI security vs ASP security Steven J. Sobol (Apr 22)
- <Possible follow-ups>
- Re: CGI security vs ASP security Rodriguez, Manuel (Apr 15)
- RE: CGI security vs ASP security Kline, Nathan C - CIEP-3 (Apr 15)
  - Re: CGI security vs ASP security Jens Porup (Apr 16)
    - RE: CGI security vs ASP security Jon Pastore (Apr 17)
- RE: CGI security vs ASP security Kline, Nathan C - CIEP-3 (Apr 17)