http://qs321.pair.com?node_id=482401


in reply to Re^2: Paranoid about web application security
in thread Paranoid about web application security

I spoke too soon. I was unaware that IIS 6 was available, or that it was better than previous versions - but it is, and it appears to be. I still contend that any Windows server is less secure by default than something like OpenBSD (designed from the ground up to be secure - as opposed to Windows, which is designed from the ground up to be easy to use for the most people), but if placed behind a sufficiently configured firewall, IIS 6 will probably be okay.