One of the goals of Apache/2.0 was to better support operating systems other than Unix. While the Windows version of Apache/1.3 was advertised as experimental, it was hoped that in Apache/2.0 it would become much more widely established. However, since the first general release of Apache/2.0 there have been a string of security problems in the Windows (and other non-Unix) versions that may undermine confidence in the suitability of Apache for these platforms.
msapache.gif
Windows Apache entries listed at mitre.org's common vulnerabilities database include directory traversal using dot-dot paths, revealing script source by appending invalid characters, and DOS device names causing a denial-of-service. The striking thing is that these are sterotypical vulnerabilities that over the years many other products have suffered from, and fixed. Apache developers will be disappointed that they were not able to learn from other people's mistakes sufficiently well to pre-empt the same vulnerabilities appearing in their own server.
In the current month's survey we find over 16,000 Apache Win32 sites on the 'Web which may be vulnerable to one of these problems.
Notwithstanding the security problems, the support for threading in Apache/2.0 is a major performance breakthrough for the Windows version and consquently sites using Apache on Windows have a bigger incentive to upgrade to version 2 than sites on Unix. This is reflected in the relative uptake of Apache/2.0: a little over 1% of all Apache sites are running version 2, but amongst Windows servers the proportion is over 7%.
World's second largest vendor of Windows machines chooses NT4 for Web Site
What reason might Dell give for running www.dell.co.uk on NT4?
* When we say "Upgrade!" you must do what we say, not do what we do
* We're still waiting for our order to be delivered
* It's not broke, and we dont need to fix it.
* We're less of a target for attackers. There's no kudos in hacking anything more than 5 years old.
* We've been evaluating Linux, and have not yet reached a decision.
* It's just the front end machines. Everything else has been running Windows 2003 for months. Honest!
* The cobblers children didnt have shoes, either.
* That site doesnt see a lot of traffic. It just redirects to www.euro.dell.com
* If you think that running NT4 doesnt do a lot for our product advocacy, then you haven't seen what our evil competitor runs
www.byteandswitch.com reboots after two years
Last month we pointed out a Windows 2000 site that had gone over two years without a reboot.
Unfortunately, www.byteandswitch.com's proud run came to an end coinciding with the SQL-Slammer worm at the end of January.
Reports and Interactive Queries
Reports are provided showing server usage for the Internet as a whole, and for selected domains, with links to all the sites responding to the survey. A facility for you to check what server a particular site is running now is also available. The same form can be used to ensure that a particular site is included in future surveys. A directory of sites running in developer domains is also provided, while the sites discovered by the survey can be explored.
Fair Use, Copyright
Excerpts from this survey may be reproduced if Netcraft and the url http://www.netcraft.com/survey/ are attributed.
Slashdot Mirror
Shit...that's a good troll.
Shit...that's a good nickname!
What part of slash was eliminated that allowed the editors to edit the story after it was posted?
Hey, have a toaster!
Around the Net
Apache on Windows Struggling?
One of the goals of Apache/2.0 was to better support operating systems other than Unix. While the Windows version of Apache/1.3 was advertised as experimental, it was hoped that in Apache/2.0 it would become much more widely established. However, since the first general release of Apache/2.0 there have been a string of security problems in the Windows (and other non-Unix) versions that may undermine confidence in the suitability of Apache for these platforms. msapache.gif
Windows Apache entries listed at mitre.org's common vulnerabilities database include directory traversal using dot-dot paths, revealing script source by appending invalid characters, and DOS device names causing a denial-of-service. The striking thing is that these are sterotypical vulnerabilities that over the years many other products have suffered from, and fixed. Apache developers will be disappointed that they were not able to learn from other people's mistakes sufficiently well to pre-empt the same vulnerabilities appearing in their own server.
In the current month's survey we find over 16,000 Apache Win32 sites on the 'Web which may be vulnerable to one of these problems.
Notwithstanding the security problems, the support for threading in Apache/2.0 is a major performance breakthrough for the Windows version and consquently sites using Apache on Windows have a bigger incentive to upgrade to version 2 than sites on Unix. This is reflected in the relative uptake of Apache/2.0: a little over 1% of all Apache sites are running version 2, but amongst Windows servers the proportion is over 7%.
World's second largest vendor of Windows machines chooses NT4 for Web Site What reason might Dell give for running www.dell.co.uk on NT4?
* When we say "Upgrade!" you must do what we say, not do what we do
* We're still waiting for our order to be delivered
* It's not broke, and we dont need to fix it.
* We're less of a target for attackers. There's no kudos in hacking anything more than 5 years old.
* We've been evaluating Linux, and have not yet reached a decision.
* It's just the front end machines. Everything else has been running Windows 2003 for months. Honest!
* The cobblers children didnt have shoes, either.
* That site doesnt see a lot of traffic. It just redirects to www.euro.dell.com
* If you think that running NT4 doesnt do a lot for our product advocacy, then you haven't seen what our evil competitor runs
www.byteandswitch.com reboots after two years
Last month we pointed out a Windows 2000 site that had gone over two years without a reboot.
Unfortunately, www.byteandswitch.com's proud run came to an end coinciding with the SQL-Slammer worm at the end of January.
Reports and Interactive Queries Reports are provided showing server usage for the Internet as a whole, and for selected domains, with links to all the sites responding to the survey. A facility for you to check what server a particular site is running now is also available. The same form can be used to ensure that a particular site is included in future surveys. A directory of sites running in developer domains is also provided, while the sites discovered by the survey can be explored.
Fair Use, Copyright
Excerpts from this survey may be reproduced if Netcraft and the url http://www.netcraft.com/survey/ are attributed.
Shit...that's a good joke!
Shit...that's a good third post!
Nickname!!!
Hi! please allow me to introduce myself. I am "Shit....that's a good _______"
I will be responding to random postings with little fill-in-the-blank tidbits.
Enjoy! Because, Shit.....that's a good ______ !