Are some operating systems more secure to use as platforms for Web servers than others?
The answer is yes, although the Unix and NT communities may not like to hear it. In general, the more powerful and flexible the operating system, the more open it is for attack through its Web (and other) servers. Unix systems, with their large number of built-in servers, services, scripting languages, and interpreters, are particularly vulnerable to attack because there are simply so many portals of entry for hackers to exploit. Less capable systems, such as Macintoshes and special-purpose Web server boxes, are less easy to exploit. The safest Web site is a bare-bones Macintosh running a bare-bones Web server. See Servers, Q20 for details. In the real world, of course, many sites will want to run a Windows NT or Unix server in order to gain the performance advantage of a multitasking operating system and the benefits of database and middleware connectivity .
The answer is yes, although the Unix community may not like to hear it. In general, the more powerful and flexible the operating system, the more open it is for attack through its Web (and other) servers. Unix systems, with their large number of built-in servers, services, scripting languages, and interpreters, are particular vulnerable to attack because there are simply so many portals of entry for hackers to exploit. Less capable systems, such as Macintoshes and MS-Windows machines, are less easy to exploit. Then again it’s harder to accomplish really cool stuff on these machines, so you have a tradeoff between convenience and security. Of course you always have to factor in the experience of the people running the server host and software. A Unix system administered by a seasoned Unix administrator will probably be more secure than a MS Windows system set up by a novice.
