Slashdot Mirror

← Back to Stories (view on slashdot.org)

March Netcraft survey

Posted by ryuzaki0 on from the surveying-the-web dept.

awptic writes "The March Netcraft survey is out. Among the changes is a 4% increase in the number of websites running IIS, primarily due, however, to register.com's domain name parking service switching to mostly IIS servers, which account for over 2 million of the 38 million sites surveyed. Ironically, a large number of the websites were defaced shortly thereafter."

68 of 182 comments (clear)

  1. hacking parked domains. by Transient0 · · Score: 3, Interesting

    Interesting.
    If the parked domains can be hacked and defaced so easily, one has to wonder just how secure the rest of their system is, which is responsible not just for domain name serving, but must handle massive credit card traffic.

    --
    lysergically yours
    1. Re:hacking parked domains. by ThatComputerGuy · · Score: 3, Informative

      According to the article, these tasks were outsourced... not good, but hopefully the same policy isn't taken with more sensitive tasks.

      --
      XML is like violence. If it doesn't solve the problem, use more.
  2. Not just register.com by Snowfox · · Score: 4, Informative

    Not just register.com -- NetSol also moved much of its operations from UNIX systems to Windows systems, if you didn't have enough reason to question the sanity of NetSol already...

    1. Re:Not just register.com by Ami+Ganguli · · Score: 2

      Hmm. Is there something about IIS 6.0 that makes it easier to do bulk hosting? Maybe it's time for a special Apache Cybersquatting Edition :-).

      --
      It is tempting, if the only tool you have is a hammer, to treat everything as if it were a nail. - Abraham Maslow
  3. Trends by Mattygfunk · · Score: 3, Interesting

    It's interesting to see the trend occurring in the articles charts. It looks to me as if the trend has Apache leveling out and then dropping recently, and IIS use jumping hugely this year. Even accounting for register.com I see MS catching up strongly.

    1. Re:Trends by spencerogden · · Score: 2

      I think the past year has seen a rise in IIS because of the deployment of Win2000. The platform has fine matured as a server.

      --

      Spencer Ogden

  4. Apache 2.0 by Lord+Ender · · Score: 2

    Does anybody know when Apache 2.0 will come out? It supposedly has great design improvements on Windows as compared to Apache 1.X. A lot of Windows users might give Apache more consideration once it comes out.

    --
    A slashdotter who didn't build his own computer is like a Jedi who didn't build his own lightsaber.
    1. Re:Apache 2.0 by tshak · · Score: 4, Interesting

      We (being a primarly MS house) got so fed up with this IIS (4.0) box that we actually put Apache for Windows on it. The main issue was dynamic scripting for site creation. A Perl script written in less then an hour (with minimal Perl experience then that, and NO experience with httpd.conf) was much more efficient then a huge VBScript (written over a few days) that accessed the IIS Metabase. However, with IIS 6.0 all site configuration and creation can be done by simply interfacing with an XML file.

      --

      There is no longer anything that can be done with computers that is nontrivial and clearly legal. -- Paul Phillips
  5. They switch, regardless of the defacing risk by jsse · · Score: 5, Funny

    Several hundred thousand sites seem to have moved to this [Window based]system this month, and the drop in Netscape-Enterprise is largely a result of this. Ironically, many of the sites were hacked a few days later, Newsbytes reports.

    All of the sudden a pictures of lemmings jumping off a cliff materialized in front of me.

  6. Here's what is next... by aardwolf64 · · Score: 2, Insightful

    Here's what is next:

    A website listing the 10 largest companies with Administrator password == NULL

    Bleh... I've used Netcraft. It's pretty nice... you can find out what version of different software a webserver is running. Web pages like this though should emphasize how important it is to stay on top of the latest bugfixes... As often as exploits get posted for now outdated versions of software, not keeping things up-to-date is like hanging a "HackMePlease" sign on your back.

  7. Focus on Security... by goneaway · · Score: 2, Funny

    I guess that strategy isn't working out so swell.Or maybe it's all just an incredible coincidence. Given the promotional push (read:throwing money at) that Microsoft has given to the idea of their product on the big iron lately this isn't too surprising.

    The whole Unix is Bad and Hard for Your Teeny Little Brain to Process strategy is apparently failing too since they're running the website on BSD.

    --
    your = it belongs to you. you're = a contraction of you and are. Got it now?
  8. Hacked Servers Outsourced to Interland by Anonymous Coward · · Score: 4, Informative

    According to the Security Focus article the affected parking servers had been outsourced to Interland. Not really surprising, since Interland has left their servers vulnerable to various vulnerabilities for months at times.

  9. People are inherently stupid by Kwikymart · · Score: 4, Insightful

    Stupid people!

    Every day we hear about how companies choose to implement MS solutions (adds more to the problem, however) rather than better BSD/Linux solutions. "But it's cheaper to employ an MCSE!"... That may be so, but this route should only be taken if you dont care about the company's data.

    Fucking braindead corporations; spend the extra 15 thousand / year and protect your freaking data instead of throwing away your secrets. It's going to be cheaper down the road when you have to hire lawyers to start sueing people or lose business because people won't trust your braindead corporation with their credit cards.

    --

    Buying a Dell computer is equivalent to dropping the soap in a prison shower.
  10. Speaking of NetCraft... by Craig+Ringer · · Score: 3, Interesting

    You know MS/UniSys's new anti-UNIX site www.wehavethewayout.com? Well take a look at what NetCraft reports</a>
    - and compare to the results of a<br>
    lynx -head http://www.wehavethewayout.com<br>
    command. Interesting. Has MS fiddled the server, and NetCraft is pulling some tricks to get the truth, or is NetCraft pulling a "funny" one?

    1. Re:Speaking of NetCraft... by banky · · Score: 2

      I believe you'll find that this is what's called "damage control". For some reason, the domain got parked on a FreeBSD box, and when MS (and Unisys) found out that they not looked like complete asses, they switched it, post-haste.

      --
      ZOMG I WOULD LOVE TO KNOW ABOUT YOUR FEELINGS ON MACINTOSH VERSUS WINDOWS, VI VERSUS EMACS, AND HOW YOU'RE NOT A DORK
    2. Re:Speaking of NetCraft... by ThePilgrim · · Score: 2

      Having tried, and failed, to get a job at NetCraft, I learn't several things about how they do the survey.

      Most of the OS sampaling is done by analysing the packets from the TCP/IP Stack and not from taking the HTTP header at face value.

      --
      Wouldn't it be nice if schools got all the money they wanted and the army had to hold jumble sales for guns
    3. Re:Speaking of NetCraft... by jmu1 · · Score: 2

      Damage control, shamage control... tracer.
      They just did what most 'persons' with too much money and no time to do anything themselves... they told someone else to do it. When that happens, you'll notice that the others do it the way they want to, in this case, on a FreeBSD setup.
      "And now, we cut to the music..."

  11. Network Solutions? by Negadecimal · · Score: 2

    register.com's domain name parking service switching to mostly IIS servers, which account for over 2 million of the 38 million sites surveyed. Ironically, a large number of the websites were defaced shortly thereafter.

    Hmm...the SecurityFocus article only mentions Verisign/NetSol and their IIS servers.

    1. Re:Network Solutions? by T-Punkt · · Score: 2
      The summary on /. ist not correct. Netcraft said:
      Microsoft gains almost 2 million sites this month, primarily as a result of register.com and Network Solutions migrating their domain parking facilities to a Windows front end.
  12. Re:I knew that Interland stunk already by Dimensio · · Score: 2, Interesting

    What do you expect from a spam-friendly provider? That fact alone means that they are run either by the clueless or the criminal.

    --
    STOP MISUSING APOSTROPHES, YOU MORONS!!!
  13. Shouldn't that be expectedly? by mysticalreaper · · Score: 2, Funny

    > Ironically, a large number of the websites were defaced shortly thereafter.

    Umm... Shouldn't that read, "Expectedly, a large number of websites were defaced shortly thereafter." ?

  14. Re:wow... by rjamestaylor · · Score: 5, Funny
    Monkeys? You're comparing Highly Qualified Professional MCSEs to monkeys? Many Successful Web Professionals are MCSEs. These Trained Professionals suffer long years to earn their credentials.

    I am shocked. Shocked!

    --
    -- @rjamestaylor on Ello
  15. Hmm, I don't think that's what MS/Unisys meant... by UsonianAutomatic · · Score: 4, Insightful

    ...when they said "We Have the Way Out!"

    -1 Redundant, but isn't it interesting that the new anti-Unix site isn't among that 4% IIS increase (and not hacked).

  16. Parked Domains by Thrikreen · · Score: 3, Insightful

    I wonder, even though it's supposed to be a random survey, should there be allowances given for said parked/cybersquatted domains to not factor as much into the percentages? Or another page listing the compared results.

    I mean, most of them would have some sort of template along the lines of "This domain at www.suchandsuch.com is currently Under Construction! / Available for Sale!". Wouldn't be hard to figure out some sort of % similar to another page rating (i.e. diff them and see how many lines are different).

    Granted, it does mean you have to download the page (frames and popups would be annoying though) and waste some CPU cycles comparing the differences, but it would be interesting seeing how many websites of said survey are, say, 95% or higher similar to each other.

    1. Re:Parked Domains by Cardinal+Biggles · · Score: 2

      They should publish # of pages instead of sites. With virtual hosting so widespread, the number of sites is not really a relevant number.

      If Google counted the server type for each of the pages in their cache, that would me much more informative than the Netcraft site count.

      Funny though, MS always claimed that Apache won the Netcraft numbers because of the 'unused sites' counting so heavily - could it be that they actively targeted those web farms in their marketing for this reason?

  17. Server share data for working sites by rkgmd · · Score: 5, Informative

    This data for *active* web servers (about 6 million total) seems to give a different picture---while apache lost 0.16% and IIS gained 0.40%, long-term (over the last year) apache grew, while IIS fell. Also, extrapolated future failure and growth rates seems to indicate that one is better off betting on apache than on IIS.

    1. Re:Server share data for working sites by leonbrooks · · Score: 2
      while apache lost 0.16% and IIS gained 0.40%

      Since the Verisign sites represent about 5% of NetCraft's sample, the implication is that about 4.5% of the advantage was eaten by Apache gains in the same interval. If that's so (I doubt it) Microsoft must be bending over backwards to win the web server stats war starting at the biggest sites, and meanwhile losing ground at the smallest sites.

      Lies, damn lies and statistics. But if true, we'll `nickel and dime' them to death. (-:
      --
      Got time? Spend some of it coding or testing
    2. Re:Server share data for working sites by Perdo · · Score: 3, Interesting

      That begs the question.. If people choose apache because they are smart, and choose IIS because they are sheep, why do people choose Netscape, Zeus, Webstar and Website? What do those people know that we don't or are those people stuck by vendor lock-in? Are there certain webserving applications that are better suited to something besides Apache? Applications besides passport, that is...

      --

      If voting were effective, it would be illegal by now.

    3. Re:Server share data for working sites by rkgmd · · Score: 2, Interesting

      Because of benchmarks like this? (Note how, ignoring the hardware cost for a moment, the top-of-the-line 16-processor IBM pSeries machine running zeus supports 2.5x more users than the best-available 8-processor IIS server.) Also, zeus (and, may be, netscape enterprise, etc.) is known to have better single-machine scalability because of serveral interesting I/O techniques it tends to use---these benefits are more pronounced when run on operating systems like solaris that support fine-grained user-level threads to kernel-level thread mappings. On top of the raw performance, many also support application-level clustering and redundancy (may be important for some portal sites that demand underlying data consistency, and, which, therefore, require more app-level work to scale-up/failover than just adding more server instances). However, for the vast majority of the sites out there that serve out mostly static and simple dynamic traffic, I think apache is more than sufficient (these sites tend to be bottlenecked by the n/w, not by the server), and I would pick apache anyday over IIS for simplicity, stability, and security reasons (even the humble tux server almost matches the best-available IIS5.0 on the same hardware in the benchmark above in terms of performance; there is no need to go into security/stability comparisons).

    4. Re:Server share data for working sites by johnnyb · · Score: 3, Informative

      If people choose apache because they are smart, and choose IIS because they are sheep, why do people choose Netscape, Zeus, Webstar and Website? What do those people know that we don't or are those people stuck by vendor lock-in? Are there certain webserving applications that are better suited to something besides Apache?

      *********

      I think the point is, people who use IIS are sheep. There are many good webservers out there, Apache being an excellent example. For a quick list of features:

      1) Apache - excellent security, modularity, and customizability

      2) Netscape - excellent scalability (Apache might win here, though, when it hits 2.0)

      3) Zeus - very, very fast

      I don't know about the others. Basically, a lot of people have put out good webservers. Microsoft just isn't one of them.

      --
      Engineering and the Ultimate
  18. VeriSign != Register.com by pclinger · · Score: 5, Informative

    The story points out that Register.com switched to IIS. And then the idiot who submitted the story points to an article "Hackers Deface Thousands Of Domains Parked At Verisign" (http://online.securityfocus.com/news/357) about domains getting hacked from Verisign, trying to make some connection there. NetSol is now known as Verisign. Register.com is not Verisign. They are two separate companies. Now, lets review:

    Register.com switches to IIS
    Verisign domains get hacked

    Connection? None. So don't post anything that tries to make that connection.

    --
    /. editors made it impossible to link to file:///c:/con/con in my sig. Please just type it in
    1. Re:VeriSign != Register.com by T-Punkt · · Score: 5, Informative

      Read the Netcraft survey as well---the summary at /. ist not correct, Register.com and Network Solution switched to IIS.

  19. Ironically? I think not. Also, economics. by leonbrooks · · Score: 3
    Ironically, a large number of the websites were defaced shortly thereafter

    The word you're looking for is `inevitably', as in `Inevitably, a large number of recently-IISed websites were defaced soon after the transition'.

    Or possibly a better (at least more accurate) headline would be `Massive webserver defacements entailed by massive webserver HTTP header defacements' (specifically, the `Server' header).

    Wouldn't the extra hardware for serving and managing that many IIS sites be a significant and inhibitory cost factor?
    --
    Got time? Spend some of it coding or testing
  20. Re:Why? In *****s name WHY? by Black+Parrot · · Score: 2


    > I seriously don't understand this. Why would ANYONE (and I mean ANYONE) even consider migrating his webservices to IIS? IMHO you must either be blind, deaf and mute or REALLY very incredibly unbelievably stupid!

    Lessee... Who makes the decision, a PHB or the sukka who has to keep things running? And who wines and dines the most PHBs, Micorsoft or the Apache developers?

    The only surprise is that Apache is being used at all.

    --
    Sheesh, evil *and* a jerk. -- Jade
  21. Object lesson by leonbrooks · · Score: 2

    SANS seems to be off-air as at now. Perhaps there is a lesson in that, or perhaps they just moved to IIS?

    Easier than reposting it would be understanding it yourself.

    --
    Got time? Spend some of it coding or testing
  22. Web page update by leonbrooks · · Score: 2
    The whole Unix is Bad and Hard for Your Teeny Little Brain to Process strategy is apparently failing too since they're running the website on BSD.

    Or were, until somebody noticed that many somebodies noticed.

    IMHO, it would be cool to replace their homepage with:

    <head><title>I dare you to type deltree /y \<title><head>
    <body bgcolor="#000000">
    <form action=./ method=post>
    <h1 color="#00ff00">C:\> <input type=text></h1>
    </form>
    </body></head>

    --
    Got time? Spend some of it coding or testing
  23. IIS by AntiNorm · · Score: 3, Funny

    Ironically, a large number of the websites were defaced shortly thereafter."

    Of course, because IIS stands for "It Isn't Secure."

    --

    I pledge allegiance to the flag...
    of the Corporate States of America...
    1. Re:IIS by Tony-A · · Score: 2

      Internet Idiot's Server.
      For them what think they's smart for buying Microsoft.

      Beware of anyone richer than you who tells you that you're smart.

  24. Lemmingtons: mothed inappropriate by leonbrooks · · Score: 3, Informative
    All of [a] sudden a pictures of lemmings jumping off a cliff materialized in front of me.


    Lemmings don't actually do that. Perhaps a flock of moths orbiting a bonfire... orbiting... orbiting... spiralling in... `we see the light, and that light is Microsoft'

    FWIW, piranha don't get vicious until they're thoroughly starved, and there are several species of vegetarian Piranha.
    --
    Got time? Spend some of it coding or testing
  25. Done. by leonbrooks · · Score: 2
    maybe it is time that Apache gets a GUI and setup wizard option.

    Mandrake Linux 8.2 Download Edition has at least 3, plus at least 3 GUI or browser based management tools for Apache. A site that big - and made entirely of lookalike pages - wouldn't use them.

    Two or three new CodeReds down the track, more people will understand that doing things without knowing what you're doing is bad. Some already have.

    --
    Got time? Spend some of it coding or testing
  26. Ha ha april fool! by Anonymous Coward · · Score: 2, Funny

    These april fool stories are so funny!! People running web servers on IIS.. *snort* that's hilarious!

  27. Re:I found the solution by avij · · Score: 2, Interesting

    What I really meant was this: pmgdirect.com (the marketing group that is running the campaign) had hosted the wehavethewayout.com site on THEIR OWN HARDWARE and the marketing company's OS of choice wasn't a Microsoft product. Of course, the web site has since then been moved to a box running Microsoft OS (the damage control part) and Netcraft hasn't yet caught up with the change. Netcraft does cache the results, see their FAQ.

    Moral of the story: if you're promoting an operating system with the help of a marketing agency, make sure the marketing agency runs the web site in question on the "correct" operating system.

    --

    Follow your Euro bills at EBT
  28. Re:Why? In *****s name WHY? by WildBeast · · Score: 2

    They probably wanted to take advantage of .NET or something like that.

  29. Re:cheatexams.april fools day joke?? by Anonymous+DWord · · Score: 2

    "Trouble" is about the only thing you spelt right in that post. "Illeterate?" Yikes...

    --
    "If he thinks he can hide and run from the United States and our allies, he's sorely mistaken." Bush on bin Laden
  30. Re:Why? In *****s name WHY? by dduck · · Score: 2, Interesting
    Well, you might want to consider that the obvious strategy for MS to recapture marketshare is to give huge custumors a sweet deal - in other words dumping the prices.

    I have heard of several cases (all off the record, obviously) where MS has done just that. Wouldn't you consider switching if you were offered free (or almost free) licenses for all software in the MS catalog?

    IMHO we are seeing the first signs of MS fighting back in the back office segment in ernest. This is not going to be pretty...

  31. Re:nmap by prs · · Score: 2, Interesting

    I nmaped them with the exact same command yesterday, and got a result of FreeBSD. I guess they changed the OS in a real hurry...

  32. Re:Hack the Planet by rseuhs · · Score: 2

    Come on, big marketing bucks coming from Redmond is more important than security.

  33. Re:Why? In *****s name WHY? by rseuhs · · Score: 3, Informative
    While Microsoft is good at bribing big hosting sites to tweak statistics, the reality looks a bit different, IIS marketshare declined significantly since the Code-Red attacks:

    look for yourself

    Nice is Japan and Germany

    People who actually have to pay for IIS *are* switching to Apache, and only very few new companies start with IIS.

  34. wtf? by autopr0n · · Score: 2

    since when does register.com == verisign?

    --
    autopr0n is like, down and stuff.
  35. Well it would be hard to get the server wrong by autopr0n · · Score: 2

    Since the server name is sent as plain text with every page served...

    --
    autopr0n is like, down and stuff.
  36. MCSEs ARE blue collor. Don't kid yourself by autopr0n · · Score: 3, Funny

    Plumbers of the digital world are still plumbers.

    --
    autopr0n is like, down and stuff.
  37. Re:Why? In *****s name WHY? by Ami+Ganguli · · Score: 2

    Whoops, you linked to the Japanese stats both times. Here's Germany.

    The most interesting, though, is this breakdown that ranks sites in a Google-like manner. Apache and IIS both lose a little to Netscape and "other" (also Apache perhaps?), but I think that's the fairest way to compare market share.

    --
    It is tempting, if the only tool you have is a hammer, to treat everything as if it were a nail. - Abraham Maslow
  38. Gotta check those facts by xrayspx · · Score: 4, Informative

    Not Register.com, Verisign/NetSol. The domains were parked at InterLand.

    Granted, I knew all that before I read this article, but hey, the securityfocus article that was linked had all this information, would have been 4 seconds of Journalistic Research.

    I'm too ornery in the morning. In any case, really big mass-defacement, really easily accomplished.

    --
    I like music
  39. learn english damnit! by kevin+lyda · · Score: 2

    i'm a yank who lives overseas and i get all sorts of abuse regarding irony. irony is an unexpected outcome. defaced iis servers are not unexpected, therefore the word you meant to use was "Coincidentally."

    thank you.

    --
    US Citizen living abroad? Register to vote!
    1. Re:learn english damnit! by geekoid · · Score: 2

      don't most yanks live overseas?
      Cause if the didn't they wouodn't be yanks...
      Now ain't that ironic?

      --
      The Kruger Dunning explains most post on /. http://en.wikipedia.org/wiki/Dunning%E2%80%93Kruger_effect
  40. Ironically? by OblongPlatypus · · Score: 4, Funny

    Someone's concept of the meaning of the word "ironic" is even worse than Alanis Morissette's.

    --
    -- If no truths are spoken then no lies can hide --
  41. Uptime & MS by Anonymous Coward · · Score: 3, Interesting

    I know that this is a well known fact among most /. readers, but no one else commented on the lack of M$ II$ servers on the 'Sites with longest running systems by average uptime' page. I think that should have been the lead 'comment' appearing on the front of /. instead of just announcing the survey results. something like 'M$ cant keep it UP!'

  42. Comment removed by account_deleted · · Score: 3, Informative

    Comment removed based on user account deletion

  43. Re:Why? In *****s name WHY? by rseuhs · · Score: 2
    Huh?

    Apache is in all 3 categories at or near the all-time high!

    BTW, all sites on securityspace are referred sites, so there are no parked domains in the other statistics either.

  44. Re:MCSEs ARE blue collor. Don't kid yourself by saintlupus · · Score: 2

    Plumbers of the digital world are still plumbers.

    I'd be willing to bet that the average plumber makes more money than the average Slashdot reader.

    No need to laugh at people for working with shit all day, be they a plumber or an MCSE.

    --po' white saint

  45. How is this ironical? by gosand · · Score: 2
    Ironically, a large number of the websites were defaced shortly thereafter.

    How is this ironical? Irony something that is contrary to what was expected.

    --

    My beliefs do not require that you agree with them.

  46. Re:Why? In *****s name WHY? by Ami+Ganguli · · Score: 3, Informative

    I meant that Nescape & others do better in the weighted results than in the unweighted results. Certainly Apache dominates the market no matter which way you cut it. Even the SSL market, aparently, which wasn't the case a year or two ago.

    --
    It is tempting, if the only tool you have is a hammer, to treat everything as if it were a nail. - Abraham Maslow
  47. Re:Why? In *****s name WHY? by rseuhs · · Score: 2

    Compared to IIS it dominates even more - in the unweigthed results, Apache runs about twice as many sites, in the weighted results about 3 to 4 times as many sites as IIS.

  48. Search engine spammers... by alexhmit01 · · Score: 2

    IIS 5.0 and now IIS 6.0 have a lot of extra support for maintaining and monitoring information from different sites on the same server. While Apache is great for really running different sites, IIS's reporting is apprently more interesting to the search engine spam sites that I've talked to.

    Many of them run 5000-10000 domains on 1-2 IIS machines because IIS means they can monitor things with less technical staff. The acknowledge that Apache is better for the serving, but they like IIS's reporting better.

    I wouldn't put too much stock in this stuff. I mean, who cares about an Apache/IIS popularity contest, use the server that matters.

    Apache also isn't helpped that the 2.0 project went on forever AND most of us are still on 1.3. My understanding is that 2.0 introduces a lot of new features to be competitive with the IIS stuff, but none of us appear interested in learning to use it. I mean, I don't need my web server to do THAT much, PHP processing is more useful for me than Apache directives, so I don't care about more functionality.

    Alex

  49. Re:learn english damnit! (learn to spell) by kevin+lyda · · Score: 2

    perhaps, but it's actually spelled damnit.

    and yes, consequently would also work.

    i see no one has noticed the humor in the comment...

    --
    US Citizen living abroad? Register to vote!
  50. Re:cheatexams.april fools day joke?? by Anonymous+DWord · · Score: 2

    Uh, no, I mean "spelt," the past tense and past participle of "spell."

    Might I that legend find, By fairies spelt in mystic rhymes.

    --
    "If he thinks he can hide and run from the United States and our allies, he's sorely mistaken." Bush on bin Laden
  51. Real sites by IamTheRealMike · · Score: 2

    I'd be interested to see how many of them serve up the default page too - remember how IIS was being installed by default on 2K machines without their users knowing? How many of those hits aren't actually real websites?

  52. A notty little problem by leonbrooks · · Score: 2
    I understand it, *nix is a bigger security threat than MS.

    Not.

    The problem arises because you trust the word of someone who can't add subtotals. All of the unique problems of Unix servers (includes all distributions of Linux and Solaris) taken together are easily outweighed by just one company, a company proven in court to be software pirates, theives, liars, monopolists and other things. It's not their paid word on this topic that you happen to be taking, is it, Coward?
    --
    Got time? Spend some of it coding or testing