Results 1 to 6 of 6

Thread: Asp , Cgi , Php ?

  1. #1
    Senior Member
    Join Date
    Sep 2001

    Asp , Cgi , Php ?

    Which do you think is more secure :
    If God had intended
    Man to program,
    we would be born
    with serial I/O ports.

  2. #2
    Join Date
    Oct 2001


    It's not a matter of 'how secure' they are, it's a matter of how secure YOU make them...well the scripts you make in whichever language anyway.

  3. #3
    Senior Member
    Join Date
    Oct 2001

    ASP ain't it

    Just remember that ASP runs on IIS which itself has the vulnerabilities.

    But i do agree with bpx, it's the programmer who makes things insecure.
    - Stronzo

    \"Vini, Vici, Vidi\"
    I came, I saw, I conquered.
    - Julius Caesar

  4. #4
    i agree with stronzo because if the skills of the programmer aren't good enough either for a script kid to break the security imagine how easy a good hacker could ...

  5. #5
    I agree with stronzo.
    if you use asp, you can only run your apps in IIS and we all know the vulnerabilities it has.
    But on the other hand you have to be very careful when using any of these, cuz no matter how secure php structure is, there is always someone smarter than you.
    \"The best place to find a helping hand is at the end of your own arm...

  6. #6
    Senior Member
    Join Date
    Aug 2001


    Here is the thing. All these languages give you wide power - you can do all kinds of things with them. Anyone who doesn't know what they are doing when they make a script can easily "misuse" the power and leave holes in the script allowing anyone on the outside use the power the language gives you.

    So, basically, in order to judge which language is more secure, you have to look at what kind of features the language has. The most secure language would be one that wouldn't let you access any external files, wouldn't have any sort of internet capabilities, etc, etc. Obviously this would make for a pretty crappy language and so that is why ASP, CGI, PHP, etc. are all exremely "insecure" in that sense.

    Just pick one for other reasons besides the "security" and learn it very well and everything will be secure.
    \"If you torture the data enough, it will confess.\" --Ronald Coase

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts