Slashdot Mirror

freedom.gov is running IIS (our government money at work!). I think by default, IIS hands out cookies to each visitor to keep track of sessions (though I don't remember if it does anything with this information by default -- I think it's mostly for server side ASP stuff). You can always not accept the cookie.

Of course, it's been a couple years since I've had to work with IIS, so I may be remembering incorrectly...

The site blogger.com is running Microsoft-IIS/5.0 on Windows 2000.

is that so?
"Apache 22859123 63.51%"
"Microsoft 9139785 25.39%"

according to your logic, apache should have... 3x the number of worms and viruses.... oh that's right, apache also runs on microsoft operating systems, unlike IIS, so that should increase it's vunerability even more.

I'm not here to start a war, and I could have easily ignored you until you were "-1 flamebait"'ed into nonexistince.

my point was a companion to the one you slopped out- obviously there's gonna be your general nutjobs and script kiddies making viruses, but they're not the ones I'm worried about. I'm worried about the industrial espionage level stuff.

Don't think it'll happen? don't think the companies will stoop that low? Ask all those dead voters that sent letters of support to the justice department in the "right to innovate" campaign... ...come to the dark side... you know you want to:)

Here is Brian LaMacchia's home page: farcaster.com. Netcraft tells us it is running NetBSD or OpenBSD.

Now then, where is my karma/respect/beer?

Linux, according to Netcraft. But then, when I tried to go there, it was down. Maybe that's part of Ballmer's cunning plan...

Now developers can focus their efforts on Linux.

Looking at kernel.org, I see a list of 16 different platforms that run Linux...I see 5 that would run Minix 1.5...Only 1 that runs 2.0...

It's obvious that the developers have already started leaving for Linux development.

Can anyone honestly say that there is a good reason to use Minix over Linux/BSD???

I think it says something when the main page for a "modern" OS isn't running its own web server...

I'm sure there's a good reason why the development team decided to remove Minix support from xterm...this was most likely holding back development of new features.

I actually cant wait for version 5.0 of XFree86...we finally get color mouse pointers (currently available through CVS)...

Let's try that again

looks like 5 win2k servers

You're looking at the wrong site. The topic of discussion is gotdotnet.com, and yes that t makes all the difference. Naturally it runs the OS you'd think it would.

See for yourself! Classic.. to promote .net they use a Linux server... on Apache!!! I just love it!!!

how much more can i dig up on this woman?

she and her husband helped produce a play featuring ugly, naked people at a local seattle theatre house. he was the lighting manager.

here's all his contact information, including his seattle based theatrical lighting equipment company, PNTA

and yes folks, his web site is powered by Apache.

Valerie's husband is an Open Source Software user. looks like she has her work cut out for her.

-s.

If they're so into GNU/Linux and OSS, then why is their webserver running Windows 2000? Here's the Netcraft site: http://uptime.netcraft.com/up/graph/?host=www.mit. gov.in

The thing is, cathedrals are inherently more secure than bazaars. This is in no small part due to the people that frequent each place.

Because security through obscurity has worked out so well for Microsoft in recent years, hasn't it?

While there may be a significant number of vulnerabilities that have existed in Linux applications (a rare few in "Linux" itself, I might add), they're almost always fixed in a timely manner. More than can be said for our Cathedral competitor.

Moreover, the security model of even a relatively loosely secured Linux system helps prevent overall system damage and widespread deployment of such vulnerabilities. Consider the spread of CodeRed or Nimda compared to that of Slapper or Ramen. I'm no mathematician, but I do believe we're talking an order of magnitude in difference here. Before somebody reminds me for the umpteenth time that Microsoft is more widespread; let's concentrate on web server vulnerabilities. These guys disagree wholeheartedly.

Also to be considered is the sheer number of updates that appear on the WindowsUpdate site with no big uproar, and the potential number that are buried deep inside their service packs (104MB for XP, 106MB Win2k SP2 with a 17MB "security roll-up" and subsequent SP3, etc.). With atleast a quarter GB of updates to Win2k systems - that's a lot of fixes! The open source community is just a lot more ... open about the chinks in our armour, which gives statisticians a field day in coming up with reports and editorials about how bad off we are.

Of course, were I to deploy a mission-critical server installation running Linux, I still have the ability to audit the entire codebase (or hire somebody/a team of somebodies to do it for me). With Windows, that's apparently possible, in a small part, and at a very large price (I understand that enterprises can purchase large chunks of the Windows codebase for a few hundred thousand dollars, but don't quote me on it.) on top of the expense in hiring the programmers. This is not to mention the fleet of tens of thousands of eyes always staring at the code of larger projects day in, day out.

Of course I wouldn't install a GUI on my server - but does Win2k or WinXP give you that option? Of course not.`Microsoft's bread-and-butter is having that GUI shoved in your face at all times with the Internet Explorer icon emblazoned on the desktop and etched forever into the back of your retinas. The Windows Scripting Host and VBS support are all part and parcel with their Master Plan to have integrated desktops with unified interfaces (remember, Microsoft server administration is aimed at monkeys, not trained professionals. (Disclaimer: This isn't to say there aren't talented Microsoft administrators out there, only a comment on the target market of the Windows point-and-shoot interface for servers)).

Interesting to note, BTW, that Windows Professional and Server operating systems ship with RPC, Remote Registry Editing, Background Information Transfer Service (BITS), among other things enabled PER DEFAULT . Microsoft claims to be shifting their focus to security, but quite frankly, the default "Automatic" services list in Windows XP doesn't impress upon me a great feeling of security either.

Remember too that Windows (both the 9x and NT trees) were designed to be single user platforms (the NT tree coming from OS/2 - a single user platform) with multi-user support kludged into place. Only recently is there some form of organization as to where users store their individual documents and settings, but the de facto software installation course sees users installing things throughout the root of the filesystem still, because that's the way it's always been.

With a pretty basic set of hardening scripts (filesystem permissions, firewall rules, etc..) Linux can be made infinitely more secure than Windows, and I believe it will always be more secure if the administrator (behind both the Linux and Windows keyboards) are on the ball. Why? Because I believe OSS vulnerabilities will always be patched sooner, tested by a wider range of people, and applied sooner than the alternative closed-source Windows patches. Also, auditing a patch (diff) file is entirely do-able for one or two programmers in an afternoon - something that makes rapid mass-deployment of patches far more plausible, whereas in the Microsoft world the patch/update method is essentially "Test patch on several machines with similar configuration. If nothing breaks, apply it to the front-line servers."

Morality and security wise, I think I'll stick it out with Linux and let the statisticians throw around all the numbers they want. I'm comfortable right where I am, thankyouverymuch.

Runs on windows 2000

Runs on windows 2000

TO increase perfomrance!

Linux.cx runs on windows 2000

Have you ever seen this page before?

From netcraft
netcraft

The site www.rfgonline.com is running Apache/1.3.26 (Unix) AuthMySQL/3.1 mod_ssl/2.8.10 OpenSSL/0.9.6g on Linux

His message board. Last I checked, the board was moderated and all messages had to be pre-approved by a moderator, but it looks like one fellow has found his way around that. Congrats, Mr. Lignatron.

Don't forget to check out his message board's terms of use. Oddly enough, you're not allowed to mention the fact that the owner of the company sues his customers (and everyone else, for that matter). Any mention of the lawsuit that makes it onto his board is deleted very quickly. That doesn't mean you shouldn't try, though. Even if the message gets stuck in an approval queue and never get posted by a moderator, as seems to be the general case, one of his moderators will still have to take the time to delete it. And I get the feeling that his moderators might not even know about the lawsuit, or else they won't associate with him.

One piece of advice to those attacking his message board: if the goal is to warn his customers about what his company is up to, linking to Petsforum, TheDefenseFund, or this Slashdot story would be MUCH more effective than linking to goatse.cx. Our goal is to bring his behavior into public light, not to gross people out. That's what we have Slashdot for. I know old habits die hard, but this is a chance for us to put our trolling/crapflooding skills to good use, and work for a higher goal.

It's funny how after the lawsuit business started, Bob Novak changed the name of his message board to "The Civilized Pet Forum." Yeah, right.

Then there are the requistite requisite mailto links. What good would this post be without the requisite mailto links? Keep these requisite mailto links in mind for future use. These requisite mailto links make the world go round!

Archived mirror of PetsWarehouse page.

Archived company info.

Archived map to store

Domain registration info

GNU Wget - a website downloading tool. Useful for accessing sites that are Slashdotted, by hitting the site over, and over, and over, and over, and over...

Netcraft Info for Petswarehouse

The site www.petswarehouse.com is running Microsoft-IIS/5.0 on Windows 2000.

When their server is running off of their own distribution.

Here is the link

being a die-hard *nix user, seeing stuff like this cracks me up . . . . check out what netcraft says they're serving the page announcing the win2k ban on.

typical

being a die-hard *nix user, seeing stuff like this cracks me up . . . . check out what netcraft says they're serving the page announcing the win2k ban on.

typical

The idiocy of some network admins never ceases to amaze me.

"Residents' computers were compromised with several well-known vulnerabilities and used for all manner of unfriendly purposes such as the installation of viruses like Code Red and Nimda on other residents' computers."

Oh, so you really meant to ban IIS, which is, after all, the software that contributed to most of these worms. Ironically, www.resnet.ucsb.edu is running IIS 5.0 on that very same evil Windows 2000 OS.

Want to know my guess at what happened? Since the admins weren't blocking web servers running on port 80 outside of ResNet, someone set up an IIS server and got nailed with Nimda, which then killed their ResNet web servers (assuming that they hadn't patched their web servers, which isn't much of a leap to make, considering they don't seem to understand the difference between Windows 2000 and IIS.)

"OpenSSL and Apache holes? Wow, let's ban Linux!" That's the same ridiculous leap they made in banning Windows 2000.

"While we understand that it is possible to run a secure Windows 2000 environment, past history has shown that this rarely happens on ResNet."

Nothing like insulting your users AND taking away their right to run a particular OS. You know, this IS an educational institution -- why don't you try educating them? Better yet, cut off ports that are spreading Nimda -- that'll make people figure it out really quickly.

This is ridiculous in every sense of the word, and I hope the students there organize and fight against this. If I lived there, I know I would be.

Seriously. Just redirect the entire RIAA block to goatse or something.

"Here's a security hole for you!"

Haven't you noticed?

They changed it to Microsoft-IIS/5.0, running on Linux!!! Check it out here!

While these stats show that Apache web servers run about twice as many sites as Microsoft web servers, it certainly is not "a few guys". Try enough guys to support ~10M web servers.

How can such a moron be modded as Insightful. What does the number of websites have to do with the spread of the virus. There are hosts with one server running thousands of sites. If this guy wasn't an absolute moron he would do the research and find on netcraft that around 50% of all webservers run Windows (whether IIS or Apache). Linux is actually a distant second with around 30%.

Apache, unsuprisingly, has a large market share, but no mention of OS . . . you're not assuming all of these Apache servers are running on Linux boxes, are you?

They didn't say that they wanted Solaris

I've got your reality right here . Reality is represented by the uppermost line, the one with dominant market share.

The reality is that millions of people use open source software every day. Once you accept that reality, you can begin to understand the idea of open music.

Wake up and smell the source code.

I am so furious with Postgres at this point.

I just had a client that needed a database larger than MySQL could capably handle (3 million records.) Since their budget was tight, I went ahead and recommended Postgres.

Oh! Whoops! Postgres doesn't run natively on Windows. This is COMPLETELY unacceptable. Their development environment and about half their servers, including the one allocated for this project, run on Windows. They went with Microsoft SQL Server, which was acceptable, but which ate almost a third of the budget for the project.

Many companies use a Windows development environment and/or Windows servers. It's stupid to ignore or shrug off the platform that runs at least 25% of the world's web servers and many more file, print, and email servers at businesses -- not to mention 95% of the clients out there, at least some of which are being used for local database development.

I cannot seriously recommend a product that ignores these numbers. Yeah, maybe they aren't out to make money, and so they don't care about losing "business" per se. But they lost my recommendation for projects that MySQL just can't handle. For me, now, it's either MySQL or a commercial database, and frankly, I am disgusted and disappointed to not have a Free alternative in between those two.

According to netcraft their site runs on win2k and has an average uptime of a whopping 6 days. Way to go DMCA worshipping M$ lovers.

Well, you can see what they run their website off of...

You should also note that quite a few newspapers run their presses of some sort of Unix, some in tandem with Macs. This may be mostly the smaller papers (the one's I've had contact with), but that setup seems to work for quite a few.

I find it interesting that according to Netcraft, nytimes.com is running on Solaris. Perhaps they should switch to Linux :)

Being a Unix admin just requires a higher level of understanding what's going on in your computer, so, Unix admins are usually smarter than their Windows colleagues. Exceptions may occur.

You can find uptime info for popular sites via www.netcraft.com.

OpenBSD creator Theo de Raadt has confirmed: his toy OS is dying. It's pallbearers are UltraSPARC, SPARC, Sun 2, and Sun 3. OpenBSD we hardly knew ye.

Look here. Just give up on bsd. It really is dead and the proof is in the pudding.

He really, does.

he sure does.

Great, just what we need, more linux whores!

Most definitely the RIAA. The porn industry is mostly run by the maffia, so if you lose all your money, consider yourself lucky.

Oh, and where exactly do you get this kind of information? I'ld really like to know...

It might seem glamourous to think this, but it's simply not true. The industry runs off of money and profit just like any other industry. The larger magazines/sites/filmmakers can afford to get better models and can also afford to treat their models/photographers/employees better. In actuality, the porn industry co-exists with hollywood/mainstream media...they use similar distribution channels and similar business models.

If you look at the history of Playboy Enterprises, Larry Flynt Publications (Hustler)...who might I add runs his own Linux-based weblog, and General Media Communications, Inc. (Penthouse). You will find that they are all owned and operated by corporations/individuals and follow the letter of the law...they have to, because they are watched closely by special interest groups.

And at least in the instance of Hustler, their website is running off of Linux.

Geez, I wonder how the Online Data Corp web site got hacked so easily... Let's see on Netcraft...

Yep, "The site www.onlinedatacorp.com is running Microsoft-IIS/5.0 on Windows 2000" (and with an uptime of less than a day at that).

And what about the vendor with a guessed password? Netcraft it again... You, ahem, guessed it: The site TalkingTP.com is running Microsoft-IIS/5.0 on Windows 2000.

I dunno about you, but whenever I see a web page with the magical .asp suffix, I carefully avoid to even turn on cookies. Much less give them my name and CC number. Because I know that it's only a question of time before they get hacked, owner and stripped from their customer files.

-- SysKoll

Geez, I wonder how the Online Data Corp web site got hacked so easily... Let's see on Netcraft...

Yep, "The site www.onlinedatacorp.com is running Microsoft-IIS/5.0 on Windows 2000" (and with an uptime of less than a day at that).

And what about the vendor with a guessed password? Netcraft it again... You, ahem, guessed it: The site TalkingTP.com is running Microsoft-IIS/5.0 on Windows 2000.

I dunno about you, but whenever I see a web page with the magical .asp suffix, I carefully avoid to even turn on cookies. Much less give them my name and CC number. Because I know that it's only a question of time before they get hacked, owner and stripped from their customer files.

-- SysKoll