Feeds

Netcraft posts May 2001 Web survey

Data frenzy

  • alert
  • submit to reddit

Security for virtualized datacentres

The Netcraft Web Server Survey is a survey of Web Server software usage on Internet connected computers. We collect and collate as many hostnames providing an http service as we can find, and systematically poll each one with an HTTP request for the server name. In the May 2001 survey we received responses from 29,031,745 sites.

Top Developers

Developer April 2001 Percent May 2001 Percent Change
Apache 17932251 62.55 18069603 62.24 -0.31
Microsoft 5918319 20.64 5958734 20.52 -0.12
iPlanet 1798490 6.27 1813244 6.25 -0.02

Top Servers

Server April 2001 Percent May 2001 Percent Change
Apache 17932251 62.55 18069603 62.24 -0.31
Microsoft-IIS 5916724 20.64 5957240 20.52 -0.12
Netscape-Enterprise 1762872 6.15 1778958 6.13 -0.02
Zeus 779209 2.72 798745 2.75 0.03
Rapidsite 402829 1.41 407488 1.40 -0.01
AOLserver 272815 0.95 377264 1.30 0.35
thttpd 369930 1.29 370282 1.28 -0.01
tigershark 200620 0.70 215321 0.74 0.04
WebSitePro 119586 0.42 118762 0.41 -0.01
ConcentricHost-Ashurbanipal 106443 0.37 109879 0.38 0.01

Active Sites

Developer April 2001 Percent May 2001 Percent Change
Apache 7015250 61.67 7230089 61.53 -0.14
Microsoft 2961984 26.04 3062949 26.07 0.03
iPlanet 294594 2.59 324722 2.76 0.17

Nb. iPlanet is the sum of sites running iPlanet-Enterprise, Netscape-Enterprise, Netscape-FastTrack, Netscape-Commerce, Netscape-Communications, Netsite-Commerce and Netsite-Communications. Microsoft is the sum of sites running Microsoft-Internet-Information-Server, Microsoft-IIS, Microsoft-IIS-W, Microsoft-PWS-95, Microsoft-PWS.

Around the Web

Web Server Security
Web Server Security has been at the forefront of the news throughout the last month, with the archive site attrition.org announcing that it had received a list of around 9000 Microsoft-IIS sites that had been successfully been taken control of by attackers. Subsequently Attrition stated that it would stop archiving mirrors of such sites as it was unable to keep pace with the number of successful attacks. Recently it has been receiving over 100 reports of successful attacks in a single day, more than for the entire years of 1995 & 1996.

CERT is also reporting on the sadmind/Microsoft-IIS vulnerability which is being actively exploited despite patches being available from Microsoft since October last year.

Separately, the main apache.org site and sourceforge.net, which hosts a large number of free software projects, were both compromised via a sniffing attack. Projects are currently undertaking code reviews to determine whether any covert channels have been placed in the source code.

The Microsoft-IIS and apache.org attacks raise the possibility of very large numbers of machines falling under the control of a single person, or group of people acting in concert, as Microsoft and Apache between them account for the great majority of Internet web sites. Indeed, there is a chance that this may have already happened.

Netcraft believes that it is more likely that the number of compromised Microsoft-IIS sites is in the order of hundreds of thousands rather than the 9000 figure widely reported in secondary coverage of attrition.org. In our own network security testing business, around a third of the 41 Microsoft-IIS servers we have tested for the first time since the attrition.org posting have been vulnerable, while four had already been exploited, and taken control of by an attacker without the knowledge of the site owner. Around half of the internet's e-commerce sites run on Microsoft-IIS, and there is the potential for a great deal of economic damage.

Traditionally the mainstream media portrays this scenario as having been created by the software developer, who should have been more careful when coding, but this seems to be pointing the finger in completely the wrong direction when a well documented patch has been available for six months, or in the case of the Apache, a crack code review team is assembled within hours of finding the intrusion.

Currently many e-commerce site owners operate without any regular security testing, and it is shocking to see third-party privacy and encryption assurance seals giving the Internet community confidence that it is safe to shop on servers which have not been patched or upgraded in a year, are patently vulnerable and possibly already under the control of a criminal third-party.

Netcraft itself will do two things to help this situation. Firstly, we will introduce an optional assurance seal for our customers such that people can show that their site is being tested on a regular basis, and the date of the last clean test. Secondly, we will introduce a tariff for a single host or ip address, such as commonly found at dedicated server companies, so that our own cost barrier to regular, frequent detailed testing is much lower. Details will appear on our site over the next two weeks, and in the interim we encourage people to mail us to request information.

Server Blades vs Cobalt

RLX Technologies launched its ServerBlade this month, which perhaps presents the most significant change in hosting technology since the introduction of the 1U server. Over the last two years Cobalt has come to lead America's dedicated server industry, and make significant inroads into several European markets. It is conceivable that the Server Blade may change this. However there are reasons other than size why people like to run Cobalt, including the user interface and ease of administration. One anticipates that dedicated server companies will be strongly attracted to Server Blades, because of the power and space advantages, and because it is has been very hard to make a profit from providing Cobalt hosting, which, modulo network performance and availability, is a market close to perfect competition.

However, the impact of server blades is by no means certain. The dedicated server companies' customers may be less easy to persuade, as they do not see the power or space issues, just the Cobalt GUI, and if customers ask for Cobalt, then that is what the dedicated server companies will have to buy.

Microsoft will have a key roll to play in determining RLX's success, as server blades stand a good chance of being deployed when a customer asks for a Windows server, and Microsoft made an announcement of its own plans for server appliances to coincide with the RLX Launch. If Microsoft can successfully compete with Cobalt at a software level, then RLX will have the opportunity to compete at the hardware level.

Ironically, RLX's own site, hosted at leading dedicated server company rackspace.com runs Linux and Apache. ®

Reducing the cost and complexity of web vulnerability management

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
JINGS! Microsoft Bing called Scots indyref RIGHT!
Redmond sporran metrics get one in the ten ring
Driving with an Apple Watch could land you with a £100 FINE
Bad news for tech-addicted fanbois behind the wheel
Murdoch to Europe: Inflict MORE PAIN on Google, please
'Platform for piracy' must be punished, or it'll kill us in FIVE YEARS
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Sony says year's losses will be FOUR TIMES DEEPER than thought
Losses of more than $2 BILLION loom over troubled Japanese corp
Show us your Five-Eyes SECRETS says Privacy International
Refusal to disclose GCHQ canteen menus and prices triggers Euro Human Rights Court action
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.