Thread: Forums in asp
View Single Post
Old 05-04-2007, 02:01 PM   #10 (permalink)
Owen
Contributing Member
 
Owen's Avatar
 
Join Date: 04-27-07
Location: Isle of Man
Posts: 174
iTrader: 0 / 0%
Owen is just really niceOwen is just really niceOwen is just really niceOwen is just really niceOwen is just really niceOwen is just really niceOwen is just really niceOwen is just really nice
Send a message via MSN to Owen
Quote:
Originally Posted by Johan007 View Post
No, what Owen is saying is that ASP is more secure than PHP. It is indeed more secure but not becuase it is less popular but becuase the way it is programmed. People love to hack M$ but they are simply more secure and that is why a banks and major organizations and online shops all use ASP.
Hi Johan,

Just to clarify. I'm not saying ASP is more secure than PHP. They're both scripted language and susceptible to the same type of exploits. For example, if inputs aren't sanitised, both languages can be usurped into, say, relaying SQL Injection attacks to a database, or allowing cross-site scripting ..

What I was alluding to is that fact that if you look at exploit engines, say Metasploit for example, you'll find a number of exploits for PHP based systems and only a few for ASP-based ones. This however reflects the number of off-the-shelf packages written in that language, not how secure the language really it

Hope this is clearer

Owen
__________________
I'm a Maltese bloke living in the Isle of Man. Read more about my professional life on my Tech & Business Blog or my new MBA Geek blog
Owen is offline   Reply With Quote