Slashdot Mirror
Netcraft Survey Updated
The latest survey is out and ready for reading from Netcraft. There's some interesting commentary in regards to Code Red, and its effects on web usage. One of the things that I found most interesting was the data showing that while the number of sites hosted by Apache continues to grow, the number of physical webservers running some variety of Windows is about half of the total. Worth checking out.
Well Netcrafts servers seem to handle the slashdot efect pretty well.
Wonder how long they'd have stayed up if they used IIS.
P.S Is it one of those urban myths or does IIS really stand for Internet Infection System ?
Maybe I have been taking too much acid in the last couple of days (Wow, look! A rainbow Tux!), but I think this is part of Microsoft's plan.
If it takes 2 MS machines to replace every Apache machine MS will be sitting pretty. All they need is a few pointy haired bosses who are naive enough to spend more money for more machines. Then they can say they have the most marketshare. Combined with some FUD this makes a great way gain new clients. Eventually Apache will dwindle, and the corporate world will shun you unless you use MS.
Everytime you look at porn a devil gets their horns.
As the article itself said, even when many IIS sites have gone down, since Gartner's report. It is hard to tell wether they just chaged ip, as the systems were reinstalled etc.
On the other hand, I would see it positive, if it would change some IIS servers to linux. For the growth of linux on the pie has been taken from the other *nixes.
Are there any good ways do advocate such behaviour?
In dream society, people could be given the ability to mod replies. In real life, it would be disaster.
I'm surprised that they don't infer that a large number of those sites were alerted to the fact that they were running IIS when they were hit by code-red. They shut it down because they didn't need it, not because they replaced it!
Amazing how many of the code red servers were displaying the sample page.
Our experience with our access provider is interesting in relation to the Code Red effects described in this report.
We live in a block of office units with shared network access. Our landlord is about as non tech as they come, the whole company, and outsource the LAN provision.
The phones and LAN went down twice due to Nimda, although our machines were unaffected - being patched!
The operator has given our landlord the following advice "Cut them off unless they have Norton". So we get a visit from a suit asking if we have Norton on our computers. We don't we have McAfee. His response?
"Get Norton by Friday or your being disconnected"
People just don't understand this stuff. We have fully patched machines, which run good virus software, but our PHB landlord denies us access to the network that WE PAY FOR beause we chose a different software solution.
- I am the unqualified systems admin for our company, and I've been asked to set us up a crappy website. I only use windows, so I use IIS
- I am the systems admin for a hosting company, with several dozen servers, each with many virtual hosts for my clients. Naturally I use Apache on L/Unix, as it's secure and reliable, and I know how to use a CLI.
Naturally Apache is going to have a greater number of sites per machine, whereas IIS is going to have a large number of physical machines hosting a single crappy home-made site.Comment removed based on user account deletion
This DOES NOT account for the number of Web servers running a particular package to do something, it accounts for the number of servers _installed_ whether intentionally or not.
Further, it doesn't account for website overloading whereby a number of sites reside on the same IP address. Does Geocities count as one site, as it [may] only be registered to one IP?
Hmmm, could be a bunch of folks realized that IIS server on their SQL server was unnecessary. Again, they may have 'disappeared', but it doesn't mean they were used in the first place.
I mention the above as it's how were functioning in OUR case. (3 or 4 machines that never used IIS have it turned off now, and we've got several large sites all sharing the same IP and servers)
"Draco dormiens nunquam titillandus."
What if next time the virus is a nifty I86 Assembly worm ?
.EXEs etc.) are written in pure x86 assembly. But they still are OS-specific.
Writing a worm in x86 assembly does not mean that you have an OS-independent worm.
Every worm needs a method to infect other hosts, and the only way is to exploit known vulnerabilities in legit services - ie, you are using applications' (IIS, Apache, bind, sendmail) and operating system's (Windows, Linux, Solaris) services to infect the host. The reason is that, on a network, you are not talking directly to the processor like you do with a local process. You are talking with software layers that manage your connection.
After you have unscrewed the software protections, you make your payload execute on the target host, using a nifty x86 assembly snipped designed to gain privileges. But this is still dependent on the OS.
In fact, many old-fashioned viruses (infected disks,
What's with that? The end of month figures for vulnerable IIS systems show an increase in cross site scripting, accessible admin pages and viewable script source. Any guesses?
Is it just that they're more visible? Or is it a whole bunch of sysadmins formatting, re-installing, then selectively patching for the last three exploits that they can remember? Wierd.
If you were blocking sigs, you wouldn't have to read this.
Usually it is quite simple to migrate between Unices and Linux, but its quite a challenge to switch from a Microsoft platform to some *nix/Apache platform, if the server serves more than simple static pages.
I believe, the process to migrate from WinXXXX/IIS to *nix/Apache will take a few months, not weeks, for management decision (big corporations are not able to produce decisions in a few hours, but will take weeks - till the next "meeting" or so), reprogramming, data-migration, testing etc.
That's the reason, why Netcraft itself stated:
So give us time, and lets analyse the stats again in a few months.ms ms
It seems Netcraft has a very hard job to do. Yes, I eagerly check them every month to see that my favourite web server (Apache ofcourse) is well on top. I'm also glad BSD isn't dying as some troll reported. 6% BSD on the web could mean many more times that in market share. 50% Windoze appears to count for only a tiny proportion of the computing power on the web. A good point was made that in this tabulation, a $1k "el cheapo" counts the same as a $1M top-of-the-line Sun!
For starters, maybe research should be done to determine which servers and platforms serve the most actual pages on the web. It is very reasonable to state the very same hardware will serve twice the volume with Apache Unix than IIS-win. The type of Unix may matter too. Large sites tend to use Linux, very large sites tend to use BSD. Moderate sites use Solaris (and only the smallest use IIS) in general. If security is of any concern, Windoze is a joke. Apache makes a Windoze version, but warns it should never be used in a production setting - just for a quick prototype. (to show management)
More interesting is which system serves the most data overall? The people that work on the 'big iron' say it is Linux by far, then a toss-up between Solaris and BSD. With a paltry 5%, comes the combined power of all Microsoft PC's.
The point is clear and we have all heard it: "You can prove or dis-prove anything by how you manipulate statistics". So M$ is the best from their prospective, and so is Linux from theirs and the same for Sun, BSD and all the others. BSD does make a good point that they can serve 100x the data for the same cost as Microsoft, and that assumes you *pirated the Microsoft software* and does not include 'down time' so many Microsoft users can relate to, nevermind all the email worms and Trojans either!
I'm not too sure about this whole NetCraft thing, but if it has Neve Campbell and Robin Tunney, you can count me in.
Wouldn't it be event more deadly than a simple IIS targeted one ?
No, because you can't arbitrarily execute x86 machine code on my x86-based server. You have to exploit a hole first, then get your code to execute. Since I run Apache instead of IIS, it's much harder for you to get into my system, and since I run Linux (properly configured) instead of Windows (misconfigured by a PHB who thinks the pretty dialog boxes make him a sysadmin), it's harder for you to do significant damage if you do get your code to run (because Apache setuids itself to a non-root user).
$x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
$x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
Annecdotally, I can say that about a dozen machine linux servers I know are each running 3 or more separate hosts.
Beta is broken and the link to classic doesn't work. Stop wasting our time or there won't be anybody left here.
This kind of implies to me that at least 78,000 of the machines Netcraft have been counting as IIS Web servers were in fact just machines on which IIS had been loaded by default, and were never serving any real content anyway. If that's true of 78,000, how many more is it true of? In other words, are Netcraft systematically overcounting IIS by counting all machines with IIS running whether they are in fact serving any real content or not? Likewise, how many of the 'Apache' servers counted are in fact just 'out of the box' Linux installs with no real content?
I'm old enough to remember when discussions on Slashdot were well informed.
You have to get in there first.
And if you do, even MS use the x86 protection mechanism and run most code in ring 3. Since the account Apache runs in would not have the priviledge to install & run arbitrary ring 0 code (as would be the case with IIS [running as Local System] installing device drivers) there are limits on what can be done.
Maybe there's an argument for an OS which has two modes which are mutually exclusive. You can use the machine (run applications etc.) or you can administer the machine (install drivers etc.). You cannot do both from the same account. Many Windows users run their day to day work under accounts with admin priviledges - or worse still, domain admin privildges. Why? Do people really need to switch from document writing to driver installation so quickly that they need be done without an additional login? Does anyone really need god-like priviledges from a regular account?
Of course, I may be talking rubbish.
This sig made only from recycled ASCII
Netcraft isn't stupid.... see netcraft mechanics and how many active sites are there?.
The military has already shutdown a large number of their websites. Generally, each unit has their own website/server. Sometimes sections within each unit will also have their own website/server depending on how important they view themselves as being. The information those sites provide is usually basic, very rarely has dynamic content, and can very easily be obtained by other means.
Those who have had sites that were shutdown now have to get approval (from several echelons up) before that can put their sites back up. I'm not going to say what the new web servers will be running, but it WILL NOT be Miscrosoft's IIS. The websites that are still running IIS are actively scanned for vulnerabilities (by someone other then several thousand script kiddies).
I will not be surprised if ALL of the webservers run by the military will be moved over to something else.
Go not unto/. for advice, for you will be told both yea and nay (but have nothing to do with the question)
My university switched from Sendmail to Exchange last year. In the process, we went from 1 Solaris machine to 4 Dual-Pentium/II Windows boxes.
That's how you win market share...
IIS is NOT installed by default in W2K Pro.
Bleh!
There actually is a "good" reason that even people that know better often do this on NT(aka 2k). If you're sitting there word processing, logged in as a non-admin, and someone calls you and needs, let's say, a new account made for the new hire - you must close out of your program, log out of windows, log back in, then make the account. It's a pain. Whereas on a *nix box it's as it should be, you just open an xterm, su, and make the account. It's very handy to be able to change the user in a controlled way like that in an existing session, without affecting the other stuff you are doing.
Another reason that this is done a lot is that there are a lot of NT admins out there that just don't know what they are doing. You tell them you need two accounts and they think you're trying to scam them. These people are just jokes, but if they happen to be over you in the local hierarchy there isn't often a lot you can do about them. So you do it their way, and just hope you don't get hit when it hits the fan.
=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Friends don't let friends enable ecmascript.