Re: Site Traffic Reporting
- From: "Amedee Van Gasse" <nzrqrr.ina.tnffr@xxxxxxxxxx>
- Date: Wed, 22 Jun 2005 00:07:57 -0700
Juan T. Llibre shared this with us in
microsoft.public.dotnet.framework.aspnet:
> I am very skittish about it, since I don't have awstats installed,
> but see quite a few requests for /cgi-bin/awstats.pl in my weblogs.
A few months ago there was a security flaw in awstats, a buffer
overflow vulnerability if I'm correct. If there were exploits, they
were created *after* awstats was patched.
How often do you see that with IIS vulnerabilities?
> Perl has been demonstrated to be a security risk in many previous
> versions and I don't want to be the booby who proves that the
> version of Perl which awstats uses is a security risk, too.
Replace every instance of the word Perl with IIS in that sentence, and
it remains a valid statement. Is that a reason for not using IIS? No, I
should think. For Perl you use exactly the same precautions as for any
other technology.
Anyway, see this page: http://aspn.activestate.com/ASPN/NET
Perl can be used as any other .NET language.
--
Amedee Van Gasse
.
- Follow-Ups:
- Re: Site Traffic Reporting
- From: Juan T. Llibre
- Re: Site Traffic Reporting
- References:
- Re: Site Traffic Reporting
- From: John Timney \(ASP.NET MVP\)
- Re: Site Traffic Reporting
- From: Amedee Van Gasse
- Re: Site Traffic Reporting
- From: Juan T. Llibre
- Re: Site Traffic Reporting
- Prev by Date: Re: Learning .NET
- Next by Date: Append Data
- Previous by thread: Re: Site Traffic Reporting
- Next by thread: Re: Site Traffic Reporting
- Index(es):
Relevant Pages
|
Loading
