07 February 2007

Getting graphic about Apache security

This interesting blog entry shows some system-call graphs for Apache versus... some other web server. A quick glance at the collections of lines gives you a summary of why Linux web-servers break much less often than... the other kind.

An amusing appliction of “your call”. (-:

A system call is an opportunity to address memory. A hacker investigates each memory access to see if it is vulnerable to a buffer overflow attack. The developer must do QA on each of these entry points. The more system calls, the greater potential for vulnerability, the more effort needed to create secure applications.

Yes, it all does count!

No comments: