Slashdot Mirror

(*Long Painful Sigh*)
http://news.netcraft.com/archives/2003/09/10/windo ws_server_2003_doubles_active_sites_since_july_5_w ere_previosuly_running_linux.html

Windows Server 2003 approaching 100,000 active sites; 8,000 sites switch from Linux

Before we all go off on the *bsd is dying trip, let's look at the actual statistics, from Netcraft. This survey is current. Thanks.

You're obviously a little misinformed, check out the stats on that snazzy IIS server the International Lesbian and Gay Association are using. Don't worry, most Windows users are "in the closet" just like you.

Of course the Netcraft study shows that

only Microsoft can afford the more EXPENSIVE

Linux based server caching (Akamai)

http://uptime.netcraft.com/up/graph/?host=www.micr osoft.com

With perfect honesty, as someone who has used and programmed various OSes and hardware, the differences between Linux and Windows are few. Both are hugely complex from the user's point of view, and both are arguably incomprehensible on the source level. (Remember, you can't just talk about the Linux kernel, but the entire package including XFree86, drivers, the window manager, KDE, etc.) So it's not like either one is a clear winner in terms of ease-of-use or architectural cleanliness. It used to be that Linux was more stable, but with Windows 2000 that's no longer true.

Well, my system uptimes tell a different story. But you don't have to trust my figures - take a look at Netcraft uptimes. These aren't the highest uptimes of all - almost without exception, the best uptimes are held by BSD derivatives (around 5 years). For the most popular sites, Linux tends to knock in around 100+ days. Windows 2000 knocks around in the high-20's, low 30's.

Have a nice day.
Toby Haynes

So IBM has entered into a sponsorship deal with the NFL... lessee what the League's webservers are running:

yep, NFL.com runs Linux.

opensource.org has been running PHP all this time

Do you think MS doesn't even use their own software?

Then why are my Apache logs full of IIS exploit attempts, even though Apache runs on over twice as many servers?

That argument lost its punch some time ago. Large, commercial entities are using Linux so the interest is certainly there. Google is one really good example.

mail:/usr/share # hostname -f; uname -a
mail.sco.com
Linux mail 2.4.19-64GB-SMP #1 SMP Fri Feb 7 16:29:22 UTC 2003 i686 unknown

It seems that Rackshack, SCO and OsiruSoft are unwillingly participating in the "shutdown" as well.

It seems that Rackshack, SCO and OsiruSoft are unwillingly participating in the "shutdown" as well.

I hate to bite, but here goes....

Lets have a little look at the latest monthly web server survey from netcraft. Now, I will quote:

Apache hits an all time high in percentage share this month with 63.98% of sites found running an Apache server.

Following on from last month, Microsoft continued to lose sites as Network Solutions migrated the rest of their domain parking system back to Solaris from a Windows based system hosted at Interland. This is primarily responsible for Microsoft's 2.2% fall, with a net loss of 810,597 sites.

Microsoft's share is 23.75% according to the survey. Face it, the majority of sites out there use Apache, almost certainly running on some form of UNIX. Even if some of the sites are of the odd variety that use it on Windows, you must realize they aren't using an MS standard.

Further, you can probably extrapolate the type of software running on companies' internal networks from their external networks. Quite frankly, the enterprise world is not Microsoft, and it never has been.

Where's your proof?

Right here.

"It may be a case of 'do as we say, not as we do' over at the Santa Cruz Operation. The Netcraft statistics meter says that for the last year, SCO's web site has been served by Apache on Linux."

Has anyone noticed that if you check NetCraft for microsoft.com, it says that they are running IIS on Linux? I realize that a previous article here indicated that Windows Update was running on Linux for a time, but I'm talking about the main Microsoft site here!

There are a lot more SCO Group company sites running Linux than just sco.com:

1 internetworld.com 433 461 461 Linux Apache/1.3.11 (Unix) ApacheJServ/1.1.2 mod_perl/1.21 PHP/4.2.3
2 www.nft.com 427 462 461 Linux Apache/1.3.11 (Unix) ApacheJServ/1.1.2 mod_perl/1.21 PHP/4.2.3
3 www.canopy.com 422 462 461 Linux Apache/1.3.11 (Unix) ApacheJServ/1.1.2 mod_perl/1.21 PHP/4.2.3
4 www.in2m.com 408 453 453 Solaris 8 Apache/1.3.27 (Unix) mod_jk/1.2.0 mod_ssl/2.8.12 OpenSSL/0.9.6h PHP/4.2.2
5 www.caldera.com 235 490 283 Linux Apache
6 www.sco.de 235 490 283 Linux Apache
7 it.sco.com 234 283 283 Linux unknown
8 au.caldera.com 234 489 283 Linux Apache
9 www.sco.com 234 489 266 Linux Apache
10 sco.com 234 489 266 Linux Apache
11 www.caldera.de 233 489 283 Linux Apache
12 www.za.caldera.com 232 489 283 Linux Apache
13 caldera.com 231 490 283 Linux Apache
14 www.sco.at 231 283 283 Linux unknown
15 doc.sco.com 230 283 283 Linux unknown
16 uw7doc.sco.com 230 489 283 Linux Apache
17 osr5doc.sco.com 229 490 280 Linux Apache
18 uk.sco.com 227 279 280 Linux unknown
19 www.calderasystems.com 227 489 283 Linux Apache
20 www.emeia.sco.com 227 491 283 Linux Apache
21 www.sco.it 226 489 260 Linux Apache
22 au.sco.com 223 283 283 Linux unknown
23 www.smilereminder.com 178 180 180 Linux Apache-AdvancedExtranetServer/1.3.23 (Mandrake Linux/4mdk) mod_ssl/2.8.7 OpenSSL/0.9.6c
24 www.bushfam.com 89 129 129 Linux Apache/1.3.27 (Unix) (Red-Hat/Linux) mod_python/2.7.8 Python/1.5.2 mod_ssl/2.8.12 OpenSSL/0.9.6b DAV/1.0.2 PHP/4.1.2 mod_perl/1.26 mod_throttle/3.1.2
25 www.vultus.com 34 305 43 Linux Apache/1.3.26 (Unix) mod_jk/1.2.2 mod_gzip/1.3.19.1a mod_ssl/2.8.10 OpenSSL/0.9.6g
26 shop.sco.com 17 43 0 Linux unknown
27 canopy.com 15 287 1 Linux Apache-AdvancedExtranetServer/1.3.23 (Mandrake Linux/4.2mdk) mod_ssl/2.8.7 OpenSSL/0.9.6c PHP/4.1.2
28 www.centershift.com 4 27 12 Windows 2000 Microsoft-IIS/5.0
29 www.helius.com - 44 18 Linux Apache/1.3.27 (Unix)
30 www.homepipeline.com - 28 5 Windows 2000 Microsoft-IIS/5.0
31 wdb1.sco.com - 17 0 Linux Oracle9iAS/9.0.2 Oracle HTTP Server Oracle9iAS-Web-Cache/Oracl
32 wdb1.caldera.com - 17 0 Linux Oracle9iAS/9.0.2 Oracle HTTP Server Oracle9iAS-Web-Cache/Oracl
33 www.communitect.com - 174 174 Linux Apache-AdvancedExtranetServer/1.3.23 (Mandrake Linux/4.1mdk) mod_ssl/2.8.7 OpenSSL/0.9.6c
34 www.power-innovations.com - 133 134 Windows 2000 Microsoft-IIS/5.0
35 ruckus.clan-nua.com - 31 6 Windows 2000 Abyss/1.1.6 (Win32) AbyssLib/1.0.7
36 nft.com - 25 1 Linux Apache-AdvancedExtranetServer/1.3.23 (Mandrake Linux/4.2mdk) mod_ssl/2.8.7 OpenSSL/0.9.6c PHP/4.1.2
37 www2.skwire.net - 25 6 Windows 2000 Abyss/1.1.6 (Win32) AbyssLib/1.0.7
38 demo.vultus.com - 41 42 Linux Apache/1.3.26 (Unix) mod_jk/1.2.2 mod_gzip/1.3.19.1a mod_ssl/2.8.10 OpenSSL/0.9.6g
39 locutus3.calderasystems.com - 4 0 Linux Apache/1.3.14 (Unix) mod_ssl/2.7.1 OpenSSL/0.9.6 ApacheJServ/1.1 PHP/3.0.15
40 zeus.ut.sco.com - 17 0 Linux Oracle9iAS/9.0.2 Oracle HTTP Server Oracle9iAS-Web-Cache/Oracl

Also, linuxsucks.org uses Linux. It's probably been noted by enough posters, but ohhh, the bitter irony of it all :)

And now back to your regular SCO-bashing...

Also, linuxsucks.org uses Linux. It's probably been noted by enough posters, but ohhh, the bitter irony of it all :)

And now back to your regular SCO-bashing...

Indeed, it's been more than a year since the site was ever served from a SCO Unix machine.

Indeed, it's been more than a year since the site was ever served from a SCO Unix machine.

I haven't looked at Netcraft in a while but did anyone notice www.windowsupdate.com running Linux with IIS? Is this a hack?

Caldera bought SCO, remember? That's probably when and why it changed over.

Why, I remember when Caldera was trying to be a Linux company, and SCO was just a defunct Unix. Now all we have is Caldera/SCO trying hard to be a defunct company!

The website defacement archive at Zone-h shows that Linux accounts for 61% of the defacements in the last 24 hours

that's funny. Netcraft says that apache accounts for 63% of www servers. I can't be sure, but there may be some reason for this correlation.

Security experts have said for years, here and elsewhere, that security is a process, and a function of administration, not some tangible goal that can be reached. Ultimately, it is up to whoever has a secret to make sure their secret is safe.

Linux is one of SEVERAL fine operating systems that give the independent system administrator the ability to examine the security flaws in their system, and to correct the problem on their own, given they have the know-how. The paranoid often do. Closed-source operating systems simply cannot offer this level of security.

According to netcraft the percentage of sites running Apache is 63.72%.

If you consider that the windows version of apache is rather insignificant, I would assume that the total linux web server installations are in line with this number.

Therefore, one must conclude that the predominate cause of web site defacements is negligence, not the opperating system one chooses. After all, technically competent sites such as the one you are reading now almost never get hacked.

Hell, it won't even reboot! Netcraft top uptimes

Why is the parent post currently marked as "+4 Insightful" when it is ignorant of the facts???

The 1000-to-1 Honda to Ferrari analogy is meaningless in this instance.

The actual ratio of Windows to Linux Internet server platforms is 5:3 (see Netcraft).

There are also more Apache servers than IIS.

And there are more Unix e-mail routing servers that there are Outlook servers.

In other words, there should be just as many exploits occuring for Linux/Apache/Unix-mail as there are for Windows/IIS/Outlook.

But instead, the exploits of Microsoft's software are more numerous, more destructive, and longer living -- by far!!!

Why? Because Microsoft has never cared about security (they put cool features like e-mail scripting ahead of security), and their software quality is extremely poor.

There are some stats (look for the pretty pie charts) which can help explain the percentage, along with a few key thoughts and speculations:

• Most web sites run Linux.
• Linux boxes cause so little fuss it's easy to forget they're there (for better or for worse, most distributions, especially older ones, are very content to leave you alone). I've never run across a Windows server that didn't ask for personal attention at least once every hundred days.
• Website defacement is often a direct act, not a simple script which happens to take down a site. All operating systems being equal, a cracker would pick sites at random and crack them; Linux would get cracked more than any operating system, assuming the cracker is great.
• In any operating system, the security is only as tight as the administrator makes it. Well-secured servers are VERY hard to come by.
• A website defacement is not a remote root. It could be a simple cross-site scripting bug in some CGI/PHP/Perl code, which is not the fault of the operating system.

If you look at the Netcraft survey of web servers, you'll find that about 66% are running Apache or Zeus.

Within the margin of error of the statistics, it's pretty much an even distribution of defacements across various OS's.

Go here

Check out Apache's numbers. That would be about the same percentage as servers compromised, assuming the vast majority of Apache sites are running on Linux servers.

Now let's look at which web server runs most virtual hosting environments.

That would be apache again.

So, considering that compromising a single apache host could count for defacements of *thousands* of sites, is anyone still surprised about the numbers?

Wow... What an impressively short-sighted and misinformed opinion. Lemme guess, you're a linux user?

The latest Netcraft survey indicates that the top 5 sites (whatever that means) on the Net run FreeBSD. Now, whether you believe how they indicated top 5 or not, sites like yahoo.com are huge and the fact that they run FreeBSD says a lot.

The BSD's are alive and kicking, esp when you care about size and performance. I can run a Linux Moz binary on a FreeBSD 4.8 box faster than on a RedHat 9 box on the same hardware. Say what you will, but BSD's are a great fit for a number of uses.

And one step below the 100k threshold lies my favorite host of choice, Pair Networks. And take a look at what the longest running sites are using.

Does anyone run this OS?

Yes. Yahoo! uses FreeBSD for all of its shared hosting. Other hosting businesses such as Verio, Infospace and Datasync also have very large deployments of FreeBSD (each of the hosts I named have over 100,000 active sites running on FreeBSD).

The information in this post came from here.

Actually, virus writers write virii targetting windows machines because windows machines are easy targets, not because there are so many licenses sold.

According to Netcraft's site survey only a quarter of active sites run Windows leaving the bulk of the public internet running on *nix.

I suspect much of the 95% of PCs you speak of are safely walled up in institutions, schools and corporations private networks, which are generally out of scope for a worm like blaster to target.

Now koniosis, what you should impress you is that *nix's run the majority of public sites on the internet, (those sites most easily attacked, i might add) with a marked minority of serious compromises as compared to Windows. More sites, less bugs. Simple.

Finally, only a Microsoft employee could think that its justified that the amount of embarrasing code compromises grow proportionally to desktop marketshare.

But that can't be because . . .

Netcraft has confirmed . . . SCO is dead

Nobody really knows what SCO died of, but two days ago, their site went offline. It could bave been an attack of mad hackers or the SOBIG worm, or just a BIG ASS WHOOPIN by someone they're suing.

SCO, we will miss you. No longer will your name grace /.'s front page.

No. It's obviously a parody.

"Well, I just couldn't believe the insanity of this claim, so I did some research. Turns out Infospace, Inc does own linuxsucks.com. However, it was originally owned by Go2Net (scroll down to the bottom), and Go2Net was bought by Infospace Inc in 2000, so the domain is now hosted by Infospace Inc/Go2Net. Go2Net offers hosting, and is therefore hosting the site as a subsidiary of Infospace Inc; it has been hosting LinuxSucks.com since before Infospace Inc's acquisition.

Hence, LinuxSucks.com is an amateur effort; it was neither created, nor funded my Infospace Inc, nor was it created or funded by Microsoft.

As for Microsoft's supposed ties to Infospace Inc? Microsfot did a case study of Infospace Inc's use of "Microsoft Message Queing 3.0", and how it "Reduces Costs While Improving Reliability at InfoSpace". Hardly the deep, cash infused ties this tin-foil hat wearing zealot implies.

Sorry, but that was just SO moronic I couldn't stand it."

"Well, I just couldn't believe the insanity of this claim, so I did some research. Turns out Infospace, Inc does own linuxsucks.com. However, it was originally owned by Go2Net (scroll down to the bottom), and Go2Net was bought by Infospace Inc in 2000, so the domain is now hosted by Infospace Inc/Go2Net. Go2Net offers hosting, and is therefore hosting the site as a subsidiary of Infospace Inc; it has been hosting LinuxSucks.com since before Infospace Inc's acquisition.

Hence, LinuxSucks.com is an amateur effort; it was neither created, nor funded my Infospace Inc, nor was it created or funded by Microsoft.

As for Microsoft's supposed ties to Infospace Inc? Microsfot did a case study of Infospace Inc's use of "Microsoft Message Queing 3.0", and how it "Reduces Costs While Improving Reliability at InfoSpace". Hardly the deep, cash infused ties this tin-foil hat wearing zealot implies.

Sorry, but that was just SO moronic I couldn't stand it."

"ASP.NET will help crush Linux once and for all."

Yes! There's already a proof of that!

On top of that Netcraft says the site is running BSD and Apache. Acoording to the site's author, .NET will take over the world. So... Is there a BSD port of .NET now (joke)? For someone who touts .NET and MS so much, you'd think he'd go out of his way to use IIS.

Anyway, they're running on BSD/Apache, at least according to Netcraft.
An undercover?

They are running FreeBSD. This sort of pandering doesn't really do much for me, but at least these guys aren't pitching their 'Mozilla Coffee' with IIS.

Maybe their site choked and died upon switching back to SCO UNIX from "GNU/Linux & Apache"....

Check out their OS History

I don't think SCO wants people to know that they are running on Linux. And the hipocracy grows deeper......

NFT (norda family trust)

own the netblock which SCO uses

NFT Netblock owner

(see above netcraft link.)

according to this article ...

NFT are boycotting SCO products and services..

This is probably what is going on here

haha

!unixware

Despite the abscence of funding, Debian is the second most popular Linux distribution we find on internet web sites, surpassed only by Red Hat, and leaving the likes of SuSE and Mandrake in its wake.

So if Netcraft are to be believed, Richard Seibt seems to be right in that it is a two distro world; its just that SuSE isn't one of them.

Interesting to see, they were using SCO Unix to host their website, but as stated in his interview, in light of recent events they switched over too!

Netcraft (link to site survey)

some of us have music to help us through the dark times :)

And they dumped SCO a while back too according to Netcraft.

Man, is the a company /.'ers can love or what? ;)

I checked out Ernie Balls website uptime here and I see they're reaping *way* better reliability on their website if nothing else!
Figures for KG Group are comparable - I'd be willing to guess that Ernie Ball's internal server uptimes are in the one year plus zone too - that's certainly what our clients have found.
Companies moving to an OSS back-end don't go back ;)