Curious to hear about CMS security experiences

Just threw up a Joomla 1.5 site straight off the tutorials.

Now I patched it up like they said, and actuallyforgot about it for a month.
Last month I noticed it had been completely defaced by some Russian hacker. Well since I am not using it and have plenty of other things to keep me busy I forgot about it again. This week I saw the hacker just crashed the entire site and deleted entire folders.

Here's my point. at the same time I was curious how all the CMS would fare, so I also set up a Drupal site (out of the box) with the patches.

The Drupal site is sitting there untouched www.ckcunion.com

And if you think they ar enot bold, check out a hacked network security site: www.securetechinternational.com -- it seems we are all in the firing line.

Conclusion: Joomla seems to be the CMS of choice for hackers.

Does anyone have a opinion on which is more secure?

How much of a role do you think the server security plays in it?

Now I take an interest in it and I have seen Xoops, Joomla sites hacked a lot., But I am yet to see a Drupal site defaced.

Does anyone have an opinion on which CMS is more secure or easier to secure?

Hi
I am not a Drupal expert, but I read articles in the forums or try to help others with queries in some few areas when I can.
Once in a while, i have read about someone talking about a site being highjacked, though it's quite a while back. To get a true or more accurate picture of how much that is a problem, I think one could do a search in the forum at www.drupal.org or ask a question on the subject.
There are likely to be some honest answers from users.

I think Drupal core is quite secure & problems are much more likely to be caused by or through third party modules than through exploiting some weakness in the system.
I am personally satisfied, though with the very regular updates to the core or third party modules.
My community site has about 80 modules & every now & then there are updates, to which one is alerted once any is released. Some of the updates are security related.

I have read about some highjacking case or 2 which however seemed to be a result of the security of the server being compromised.


Regarding ease of use, I find Drupal much easier to use than Joomla, starting at the admin panel.

Anyway, I have had no bad experiences & I'm generally satisfied with Drupal & its support and hope it remains so.