Slashdot Mirror
Netcraft Web Server Stats Challenged
kolchak writes "An article in The Age has an interesting analysis of the Netcraft Web Server Usage Reports. According to Port80 Software, Netcraft's surveys are biased towards domain name parkers and very small web sites, not taking into account how popular a site may be - there's some interesting results in the competing Port80 survey." However, it should be pointed out that Port80 "develops software products to enhance the security, performance and user experience of Microsoft's Internet Information Services (IIS) Web server."
This is wrong on soooooo many levels. I could understand trying to twist the truth by redefining what a webserver is... but thier sampling method is straight out wrong.
Want proof? Here it is. Go to the linked article, (or click here) and where they have the box to check your server header (about half way down the page) type in www.microsoft.com - you will see its running IIS/6. A nice happy IIS server.
Now, type in my web server - http://www.isthatdamngood.com - its a nice Linux/Apache server. My server will CRASH thier app! Actually, a lot of linux servers will crash it...
Kinda hard to claim your results are more indicitative of the market when your scanning technology is flat out broken.
Karma: SELECT `karma` FROM `users` WHERE `userid`=138474;
What's the alternative, counting by IP? It could be interesting, but not necessarily more representative. I'm on a shared host with dozens of other domains: by choosing that host, we 'cast votes' for Apache, didn't we?
Trying to access http://port80software.com/:
/includes/Referer.asp, line 7
Microsoft OLE DB Provider for ODBC Drivers error '80040e31'
[Microsoft][ODBC SQL Server Driver]Timeout expired
Hahahah! Yeah, I'll trust ANYTHING those MS lackies have to say.
a product .... to confuse script kiddies
I am running Apache on Linux, and I still get 1000 hits a day trying to crack MSADC with buffer overflows, and FrontPage exploit attempts. It's not like the script kiddies check the server ID or pay any attention to it even if they do.
The surveys at securityspace.com attempt to weight webserver popularity by site popularity.
If you are conducting a survey to find out what is the "best of the best" in server software, why survey Family Dollar Store? Or Land 'O Lakes? You should be choosing technically savvy, solution neutral companies are likely to choose the best. These are the actual companies that have a big web presence and you would not expect them to choose a platform which would affect their bottom line badly... As opposed to Sears Roebuck, whose online presence can be compared to Amazon's retail presence. Would we ask Amazon how to organize endcaps? Let's pick a few technically adept companies at random here...
Amazon - Apache
AT&T - Netscape
Bell South - Apache
Cisco - Unix
Dell - IIS5
Earthlink - Netscape
E-Bay - IIS4
HP - Apache
Intel - IIS6
Lucent - Netscape
Motorola - Apache
National Semiconductor - Netscape
Nextel - Netscape
Qualcomm - Netscape
PC Connection - IIS5
I can't survey any more companies, because Port80's IIS6 server is slashdotted. However, if is apparent from this data that nearly 1/3rd of all websites that count are hosted on Netscape platforms. Apache and IIS share 1/4th each, and Cisco's odd unix variant wrapps up the rest.
Personally I'm amazed that Netscape is holding on to a lead... I would have expected them to be out of the running long ago. I'll have to check them out.
The ______ Agenda
We detect that www.port80software.com is running Yes we are using ServerMask.
Date: Thu, 27 Nov 2003 07:15:24 GMT
Server: Yes we are using ServerMask
Set-Cookie: It works on cookies too=8, SM130P.5Q..NS12H57M64MP00.N2356; path=/
Cache-control: private
Content-Length: 21881
Connection: keep-alive
Connection: Keep-Alive
Content-Type: text/html
bash$
As a career admin who has worked for 15 fortune 100 company as either an employee or a consultant in the past decade, and currently as the project lead replacing an aging proprietary UNIX solution for a telecom spanning an ENTIRE STATE you are on crack. To dot the I's and cross the T's I hired FIVE independant firms to do cost benefit analysis on proprietary versus open source even though I already knew the answer. The long and the short of it is, over a 5 year period for our particular needs the BEST case scenerio for cost with the cheapest possible proprietary solution factoring in maintenance, upfront costs, and scale was 10 million dollars. The highest price for an open source solution was 4.3 million and that was because it was a hybrid solution that was about 50 percent proprietary and not purely open source. The solution I went with was 90 percent debian based (since redhat is doing it's thing, and SuSe is uncertain because of the merger) and 10 percent Solaris/Oracle and will cost an estimated 2.3 million. And for the record I freaking HATE debian but it makes the most sense for this particular situation.
For every annoying gentoo user, are three even more annoying anti-gentoo crybabies. Take Yosh from #Gimp for example.
The "top 1,000" list is based on the Fortune 1,000. Google, Yahoo, and Slashdot aren't on the Fortune 1,000. The theory is that the Fortune 1,000 indicates Real Companies, and that this is what Real Companies chose. However, many of these Real Companies are holding companies or target highly specialized audiences (like people needing drilling supplies). Many of these Real Companies are actually running what we would consider toy web sites: almost no content, entirely static pages, very few pages, and almost no visitors. So while this may represent what Real Companies chose, it does not necessarily represent what people with Real Work chose.
Search 2010 Gen Con events
Now do the following commands:
(With Apache 2.x, cd os/unix)
#define PLATFORM "Unix"
(With Apache 2.x, vi ap_release.h)
#define SERVER_BASEVENDOR "Apache Group"
#define SERVER_BASEPRODUCT "Apache"
#define SERVER_BASEREVISION "1.x.xx"
(With Apache 2.x, cd
You're done. Congratulations. You just saved yourself $49 dollars!!!
http://news.netcraft.com/archives/2003/11/03/novem ber_2003_web_server_survey.html
Is the latest survey, apache has 67.41 of all domains (well, all that Netcraft knows about anyways) at 30298060 domains.
If you look only at "active" domains, apache has 68.60%, so actually even a *higher* market-share. Of a total of 14370515 active domains. (so according to Netcraft, about half of all registered domains are "active" and the other half are "parked"
that Microsoft's web server installs across ALL TOP DOMAINS have dropped to their 1997 levels, while Apache has almost doubled their 1997 levels. No amount of MS PR cash can change that fact.
Hiding your IIS server behind a server mask or mis-identifying it as an Apache server isn't going to stop a virus or trojan... they can't read. They just try the exploit and if it works... it works. Not only has that been happening a lot on IIS servers, and MS software in general, the rates of infections/infectors seem to be growing... which explains why Apache had another large jump since last month, and MS has fallen by almost the same amount.
It's one thing to have your web site broken into, its another thing to pay to have it broken into. That's what you're doing when you buy & install MS web servers and the anti-viral software which supposedly will 'protect' them. It's obvious something is not working....
Running with Linux for over 20 years!
No, it's not. Look at the examples they gave of "Top 1000" sites that switched to IIS in the last month: CDW (CDWC, Nasdaq-100), Martin Marietta Materials (MLM, not part of any index), Warnaco (WRNC, not part of any index)
Why would anybody do that?
I had a mate that needed to do exactly that. He was running an apache webserver, and as such he was unable to get tech support. His way round this was to have Apache look like IIS by getting it to serve IIS headers.
nick
Electronic Music Made Using Linux http://soundcloud.com/polyp
should be taken with a mountain-sized grain of salt
People who enjoy the taste of salt add it in proportion to the amount of food they intend to eat. "Take with a grain of salt" means "Eat so little that just one grain is adequate seasoning", or just "eat very little". The suggestion to only consume a small amount is meant to imply a low level of trust. It is the opposite of expressions like "Swallow if whole" and "Swallow it hook, line, and sinker".
Expanding the salt grain to mountainous proportions therefore means that you will accept the survey results with total creduluity.
So with "the nation's 500 fastest-growing private companies, from Inc magazine" data (see parent), the dominance of MS, to my great chagrin, is even worse:Who can find some interesting top-something companies list on which MS would get the low rating it deserves?
Sorry not to be replying to any particular post, but the sheer volume makes that a little difficult to manage.
It was good to see that, after a relatively brief spate of misdirected criticisms of our survey as being tainted by pro-Microsoft 'bias,' many contributors here saw that the data itself is pretty uncontroversial (and in fact easily reproducible), and instead began to address themselves to the questions that the survey was intended to raise -- namely, questions about what is an appropriate sampling methodology when attempting to measure HTTP server 'market share.'
Those are the sorts of conversations we were hoping to start, and it's good to see them under way here with such vigor.
Just to be clear: We have no real objection to the Netcraft results per se -- only to their being marketed as an unambiguously accurate picture of something called 'Web server market share.' We simply think that sampling this market is a more complicated affair than the endless recitation of the most commonly-sited Netcraft numbers would suggest.
A number of the contributors here who grant the legitimacy of our criticisms of Netcraft's methodology have raised the point that a sample based on Fortune 1000 sites isn't necessarily a good proxy for Web server market share either. (Since some of these sites are nothing more than glorified brochureware, and so on.) I think that's entirely correct.
In a sense, our survey simply sets one type of partial snapshot, with its own kind of built-in sampling bias, alongside another. But then our aim wasn't to be definitive. It was simply to remove the halo of definitiveness from the Netcraft survey -- and to get people thinking about what it would take to be definitive in this context.
And as I say, some of that thinking is on display here. Folks like ChaosDiscord are almost certainly right to suggest that it would be more accurate (or interesting) to sample the server choices of high-traffic sites. We hope to cover some of this territory in future surveys.
Thanks to all those who looked past the fact that we happen to make commercial software for IIS, and actually engaged with our survey's findings and implications. And happy Thanksgiving to one and all.
Joe
Port80 Software