Slashdot Mirror


Breakdowns of Website Defacement by Platform

SkiifGeek writes "Zone-H have recently posted the statistical breakdown of the collected website defacements from the last few years. Surprisingly, in 2007 more Linux servers suffered a successful attack than all versions of Windows, combined. Similarly, more Apache installations were successfully attacked than all IIS versions combined. A day after posting this data, Zone-H have questioned the appropriateness of continuing to operate the archive. Despite the valuable information that can be gleaned from the service, it may soon be lost to the world. The natural successor to the now-defunct Alldas archive of defaced websites, Zone-H's archive maintains records of over 2.6 million defaced sites but may be shut down due to the continuous accusations of impropriety leveled against them any time they disclose and mirror a reported defacement."

6 of 203 comments

  1. "Surprisingly"? by Quietus · Score: 5, Interesting

    Given the proportion of Apache servers to IIS servers on the Internet, I don't think the ~280% difference is that strange. After all, most websites are vandalised through oversights in custom scripting etc., rather than security holes in Apache.

    1. Re:"Surprisingly"? by cbart387 · Score: 3, Interesting

      Hmm.. I thought here in Slashdot many people deny that there are more successful attacks in Windows just because it is the more popular platform. Not everyone. I'm not a fan of Windows, only because I find Linux more responsive and easier to use for my programming. I agree with you however that there is a double standard here. People who bash Windows (where it's not warranted) get modded insightful. However, when they try to defend Windows it's flamebait or troll. I'd go on a rant but I just wanted to say not everyone screams Windows security sucks yadda yadda yadda.
      --
      Lack of planning on your part does not constitute an emergency on mine.
  2. Summary skewed. by Lumpy · Score: 3, Interesting

    Of course Apache and Linux have more attacks than Windows.

    There are far more Honda Civics successfully stolen in the USA than BMW Isettas or Smart TwoFours. This is because there are well over 5000 Civics on the road for every BMW Isetta or Smart TwoFour on the road.

    By the summary's mention and what it is alluding to, BeOS servers are the most secure because NONE of them have been compromised on the internet.

    --
    Do not look at laser with remaining good eye.
  3. Re:Weighted for market share? by lseltzer · Score: 2, Interesting

    The Google blog you cite essentially admits it's not as accurate as the Netcraft survey, which shows the market shares much closer, i.e. about 51 to 36.

    But neither of them is really measuring market share; they're measuring share by domain, not server. So if you assume that one OS has more domains on it, on average, than the other, then its "market share" is proportionally less than the numbers in the survey. Personally, based on what I know about the hosting market, I would assume that Apache servers have more domains on average than most Windows servers, but that's a guess.

  4. While I agree with the thrust of the comments... by HerculesMO · Score: 2, Interesting

    I have to kind of sit back and laugh, since the defense to Apache/Linux comes in the form of "bad scripting" or other holes created by poor admin skills.

    And I totally agree.

    Then why do we always sit here and blast Windows and Microsoft, when in fact good admins keep their boxes running with an optimal uptime, performance, etc? I will agree with the 95/98/ME era, but coming into XP and 2003 Server, I think that it comes down to the skill of the admin to eke out the performance out of the Windows boxes rather than to expect it like most people here do. It seems quite hypocritical to me, but hey.. I'll probably be modded down for coming to a logical argument that might cast Microsoft in a positive light. I'm not a zealot, but I've seen both sides of the coin and I know that Windows boxes can be stable and bulletproof, if you have a good admin. And those admins get blue screens -- when hardware fails. I don't know what happens in Linux, but last I checked it doesn't deal with a bad RAM chip any better than Windows does.

    Just food for thought.

    --
    The price is always right if someone else is paying.
  5. Netcraft confirms it by greg1104 · Score: 3, Interesting

    For once that's on topic. I started to rant like everybody else on how this was skewed by not taking into account the market share of Apache vs. IIS, but that's not the real story here.

    Take a look at the "Webserver defaced" table. It's badly formatted in a couple of respects. Here's a copy of the interesting data with defacement numbers sorted by server platform:

    nginx 729
    IIS (total) 447
    Apache 319
    Rapidsite 244
    SonataServer 178

    nginx doesn't run on Windows; I'd expect most sites deploying it would be on Linux or BSD. Rapidsite runs on a customized Apache, and again while I haven't found a definitive statement here I'd expect virtual hosting using Apache is going to be Linux or BSD as well. I'd welcome corrections here if I'm wrong about that.

    Combine this with the Netcraft data and the initial conclusion I would reach is that Linux+Apache is still the most secure platform. The only reason the Linux numbers are so inflated is that they include some really crappy web servers with significant vulnerabilities running something other than stock Apache.

    I wish I had the raw data so I could ask some more interesting questions, like how things change if you take the stupid user/admin data out. I don't care that it's possible to set a platform up wrong and get simple vulnerabilities, I only care about how vulnerable a good installation is.