Slashdot Mirror
Netcraft Survey Updated
The latest survey is out and ready for reading from Netcraft. There's some interesting commentary in regards to Code Red, and its effects on web usage. One of the things that I found most interesting was the data showing that while the number of sites hosted by Apache continues to grow, the number of physical webservers running some variety of Windows is about half of the total. Worth checking out.
Well Netcrafts servers seem to handle the slashdot efect pretty well.
Wonder how long they'd have stayed up if they used IIS.
P.S Is it one of those urban myths or does IIS really stand for Internet Infection System ?
Maybe I have been taking too much acid in the last couple of days (Wow, look! A rainbow Tux!), but I think this is part of Microsoft's plan.
If it takes 2 MS machines to replace every Apache machine MS will be sitting pretty. All they need is a few pointy haired bosses who are naive enough to spend more money for more machines. Then they can say they have the most marketshare. Combined with some FUD this makes a great way gain new clients. Eventually Apache will dwindle, and the corporate world will shun you unless you use MS.
Everytime you look at porn a devil gets their horns.
As the article itself said, even when many IIS sites have gone down, since Gartner's report. It is hard to tell wether they just chaged ip, as the systems were reinstalled etc.
On the other hand, I would see it positive, if it would change some IIS servers to linux. For the growth of linux on the pie has been taken from the other *nixes.
Are there any good ways do advocate such behaviour?
In dream society, people could be given the ability to mod replies. In real life, it would be disaster.
I'm surprised that they don't infer that a large number of those sites were alerted to the fact that they were running IIS when they were hit by code-red. They shut it down because they didn't need it, not because they replaced it!
Amazing how many of the code red servers were displaying the sample page.
Our experience with our access provider is interesting in relation to the Code Red effects described in this report.
We live in a block of office units with shared network access. Our landlord is about as non tech as they come, the whole company, and outsource the LAN provision.
The phones and LAN went down twice due to Nimda, although our machines were unaffected - being patched!
The operator has given our landlord the following advice "Cut them off unless they have Norton". So we get a visit from a suit asking if we have Norton on our computers. We don't we have McAfee. His response?
"Get Norton by Friday or your being disconnected"
People just don't understand this stuff. We have fully patched machines, which run good virus software, but our PHB landlord denies us access to the network that WE PAY FOR beause we chose a different software solution.
- I am the unqualified systems admin for our company, and I've been asked to set us up a crappy website. I only use windows, so I use IIS
- I am the systems admin for a hosting company, with several dozen servers, each with many virtual hosts for my clients. Naturally I use Apache on L/Unix, as it's secure and reliable, and I know how to use a CLI.
Naturally Apache is going to have a greater number of sites per machine, whereas IIS is going to have a large number of physical machines hosting a single crappy home-made site.Comment removed based on user account deletion
This DOES NOT account for the number of Web servers running a particular package to do something, it accounts for the number of servers _installed_ whether intentionally or not.
Further, it doesn't account for website overloading whereby a number of sites reside on the same IP address. Does Geocities count as one site, as it [may] only be registered to one IP?
Hmmm, could be a bunch of folks realized that IIS server on their SQL server was unnecessary. Again, they may have 'disappeared', but it doesn't mean they were used in the first place.
I mention the above as it's how were functioning in OUR case. (3 or 4 machines that never used IIS have it turned off now, and we've got several large sites all sharing the same IP and servers)
"Draco dormiens nunquam titillandus."
What's with that? The end of month figures for vulnerable IIS systems show an increase in cross site scripting, accessible admin pages and viewable script source. Any guesses?
Is it just that they're more visible? Or is it a whole bunch of sysadmins formatting, re-installing, then selectively patching for the last three exploits that they can remember? Wierd.
If you were blocking sigs, you wouldn't have to read this.
Usually it is quite simple to migrate between Unices and Linux, but its quite a challenge to switch from a Microsoft platform to some *nix/Apache platform, if the server serves more than simple static pages.
I believe, the process to migrate from WinXXXX/IIS to *nix/Apache will take a few months, not weeks, for management decision (big corporations are not able to produce decisions in a few hours, but will take weeks - till the next "meeting" or so), reprogramming, data-migration, testing etc.
That's the reason, why Netcraft itself stated:
So give us time, and lets analyse the stats again in a few months.ms ms
It seems Netcraft has a very hard job to do. Yes, I eagerly check them every month to see that my favourite web server (Apache ofcourse) is well on top. I'm also glad BSD isn't dying as some troll reported. 6% BSD on the web could mean many more times that in market share. 50% Windoze appears to count for only a tiny proportion of the computing power on the web. A good point was made that in this tabulation, a $1k "el cheapo" counts the same as a $1M top-of-the-line Sun!
For starters, maybe research should be done to determine which servers and platforms serve the most actual pages on the web. It is very reasonable to state the very same hardware will serve twice the volume with Apache Unix than IIS-win. The type of Unix may matter too. Large sites tend to use Linux, very large sites tend to use BSD. Moderate sites use Solaris (and only the smallest use IIS) in general. If security is of any concern, Windoze is a joke. Apache makes a Windoze version, but warns it should never be used in a production setting - just for a quick prototype. (to show management)
More interesting is which system serves the most data overall? The people that work on the 'big iron' say it is Linux by far, then a toss-up between Solaris and BSD. With a paltry 5%, comes the combined power of all Microsoft PC's.
The point is clear and we have all heard it: "You can prove or dis-prove anything by how you manipulate statistics". So M$ is the best from their prospective, and so is Linux from theirs and the same for Sun, BSD and all the others. BSD does make a good point that they can serve 100x the data for the same cost as Microsoft, and that assumes you *pirated the Microsoft software* and does not include 'down time' so many Microsoft users can relate to, nevermind all the email worms and Trojans either!
I'm not too sure about this whole NetCraft thing, but if it has Neve Campbell and Robin Tunney, you can count me in.
This kind of implies to me that at least 78,000 of the machines Netcraft have been counting as IIS Web servers were in fact just machines on which IIS had been loaded by default, and were never serving any real content anyway. If that's true of 78,000, how many more is it true of? In other words, are Netcraft systematically overcounting IIS by counting all machines with IIS running whether they are in fact serving any real content or not? Likewise, how many of the 'Apache' servers counted are in fact just 'out of the box' Linux installs with no real content?
I'm old enough to remember when discussions on Slashdot were well informed.
Netcraft isn't stupid.... see netcraft mechanics and how many active sites are there?.
The military has already shutdown a large number of their websites. Generally, each unit has their own website/server. Sometimes sections within each unit will also have their own website/server depending on how important they view themselves as being. The information those sites provide is usually basic, very rarely has dynamic content, and can very easily be obtained by other means.
Those who have had sites that were shutdown now have to get approval (from several echelons up) before that can put their sites back up. I'm not going to say what the new web servers will be running, but it WILL NOT be Miscrosoft's IIS. The websites that are still running IIS are actively scanned for vulnerabilities (by someone other then several thousand script kiddies).
I will not be surprised if ALL of the webservers run by the military will be moved over to something else.
Go not unto/. for advice, for you will be told both yea and nay (but have nothing to do with the question)