Slashdot Mirror
March Netcraft survey
awptic writes "The March Netcraft survey is out.
Among the changes is a 4% increase in the number of websites
running IIS, primarily due, however, to register.com's domain
name parking service switching to mostly IIS servers, which account for over 2 million
of the 38 million sites surveyed.
Ironically, a large number of the websites were defaced shortly
thereafter."
Interesting.
If the parked domains can be hacked and defaced so easily, one has to wonder just how secure the rest of their system is, which is responsible not just for domain name serving, but must handle massive credit card traffic.
lysergically yours
Not just register.com -- NetSol also moved much of its operations from UNIX systems to Windows systems, if you didn't have enough reason to question the sanity of NetSol already...
It's interesting to see the trend occurring in the articles charts. It looks to me as if the trend has Apache leveling out and then dropping recently, and IIS use jumping hugely this year. Even accounting for register.com I see MS catching up strongly.
Several hundred thousand sites seem to have moved to this [Window based]system this month, and the drop in Netscape-Enterprise is largely a result of this. Ironically, many of the sites were hacked a few days later, Newsbytes reports.
All of the sudden a pictures of lemmings jumping off a cliff materialized in front of me.
According to the Security Focus article the affected parking servers had been outsourced to Interland. Not really surprising, since Interland has left their servers vulnerable to various vulnerabilities for months at times.
We (being a primarly MS house) got so fed up with this IIS (4.0) box that we actually put Apache for Windows on it. The main issue was dynamic scripting for site creation. A Perl script written in less then an hour (with minimal Perl experience then that, and NO experience with httpd.conf) was much more efficient then a huge VBScript (written over a few days) that accessed the IIS Metabase. However, with IIS 6.0 all site configuration and creation can be done by simply interfacing with an XML file.
There is no longer anything that can be done with computers that is nontrivial and clearly legal. -- Paul Phillips
Stupid people!
Every day we hear about how companies choose to implement MS solutions (adds more to the problem, however) rather than better BSD/Linux solutions. "But it's cheaper to employ an MCSE!"... That may be so, but this route should only be taken if you dont care about the company's data.
Fucking braindead corporations; spend the extra 15 thousand / year and protect your freaking data instead of throwing away your secrets. It's going to be cheaper down the road when you have to hire lawyers to start sueing people or lose business because people won't trust your braindead corporation with their credit cards.
Buying a Dell computer is equivalent to dropping the soap in a prison shower.
You know MS/UniSys's new anti-UNIX site www.wehavethewayout.com? Well take a look at what NetCraft reports</a>
- and compare to the results of a<br>
lynx -head http://www.wehavethewayout.com<br>
command. Interesting. Has MS fiddled the server, and NetCraft is pulling some tricks to get the truth, or is NetCraft pulling a "funny" one?
I am shocked. Shocked!
-- @rjamestaylor on Ello
...when they said "We Have the Way Out!"
-1 Redundant, but isn't it interesting that the new anti-Unix site isn't among that 4% IIS increase (and not hacked).
I wonder, even though it's supposed to be a random survey, should there be allowances given for said parked/cybersquatted domains to not factor as much into the percentages? Or another page listing the compared results.
I mean, most of them would have some sort of template along the lines of "This domain at www.suchandsuch.com is currently Under Construction! / Available for Sale!". Wouldn't be hard to figure out some sort of % similar to another page rating (i.e. diff them and see how many lines are different).
Granted, it does mean you have to download the page (frames and popups would be annoying though) and waste some CPU cycles comparing the differences, but it would be interesting seeing how many websites of said survey are, say, 95% or higher similar to each other.
This data for *active* web servers (about 6 million total) seems to give a different picture---while apache lost 0.16% and IIS gained 0.40%, long-term (over the last year) apache grew, while IIS fell. Also, extrapolated future failure and growth rates seems to indicate that one is better off betting on apache than on IIS.
The story points out that Register.com switched to IIS. And then the idiot who submitted the story points to an article "Hackers Deface Thousands Of Domains Parked At Verisign" (http://online.securityfocus.com/news/357) about domains getting hacked from Verisign, trying to make some connection there. NetSol is now known as Verisign. Register.com is not Verisign. They are two separate companies. Now, lets review:
Register.com switches to IIS
Verisign domains get hacked
Connection? None. So don't post anything that tries to make that connection.
The word you're looking for is `inevitably', as in `Inevitably, a large number of recently-IISed websites were defaced soon after the transition'.
Or possibly a better (at least more accurate) headline would be `Massive webserver defacements entailed by massive webserver HTTP header defacements' (specifically, the `Server' header).
Wouldn't the extra hardware for serving and managing that many IIS sites be a significant and inhibitory cost factor?
Got time? Spend some of it coding or testing
Ironically, a large number of the websites were defaced shortly thereafter."
Of course, because IIS stands for "It Isn't Secure."
I pledge allegiance to the flag...
of the Corporate States of America...
Lemmings don't actually do that. Perhaps a flock of moths orbiting a bonfire... orbiting... orbiting... spiralling in... `we see the light, and that light is Microsoft'
FWIW, piranha don't get vicious until they're thoroughly starved, and there are several species of vegetarian Piranha.
Got time? Spend some of it coding or testing
look for yourself
Nice is Japan and Germany
People who actually have to pay for IIS *are* switching to Apache, and only very few new companies start with IIS.
Plumbers of the digital world are still plumbers.
autopr0n is like, down and stuff.
Not Register.com, Verisign/NetSol. The domains were parked at InterLand.
Granted, I knew all that before I read this article, but hey, the securityfocus article that was linked had all this information, would have been 4 seconds of Journalistic Research.
I'm too ornery in the morning. In any case, really big mass-defacement, really easily accomplished.
I like music
Someone's concept of the meaning of the word "ironic" is even worse than Alanis Morissette's.
-- If no truths are spoken then no lies can hide --
I know that this is a well known fact among most /. readers, but no one else commented on the lack of M$ II$ servers on the 'Sites with longest running systems by average uptime' page. I think that should have been the lead 'comment' appearing on the front of /. instead of just announcing the survey results. something like 'M$ cant keep it UP!'
Comment removed based on user account deletion
I meant that Nescape & others do better in the weighted results than in the unweighted results. Certainly Apache dominates the market no matter which way you cut it. Even the SSL market, aparently, which wasn't the case a year or two ago.
It is tempting, if the only tool you have is a hammer, to treat everything as if it were a nail. - Abraham Maslow