The November 2002 Netcraft Web Server Survey is out;
http://www.netcraft.com/survey/
Top Developers
Developer October 2002 Percent November 2002 Percent Change
Apache 21258824 60.54 21699320 60.80 0.26
Microsoft 10144453 28.89 10239423 28.69 -0.20
Zeus 711998 2.03 775916 2.17 0.14
iPlanet 478413 1.36 488094 1.37 0.01
Active Sites
Developer October 2002 Percent November 2002 Percent Change
Apache 10470848 65.39 10729462 64.69 -0.70
Microsoft 4013397 25.06 4244842 25.59 0.53
Zeus 215957 1.35 271753 1.64 0.29
iPlanet 227424 1.42 230902 1.39 -0.03
Around the Net
The survey records a net gain of around half a million sites this
month, as increases in the rest of the world outweighed a continuing
fall in the USA. Since the start of the year, the proportion of the
sites found by the survey in the US has fallen from 56% to 45%. This
primarily reflects the reduction of sites parked at domain
registration companies and the decline of advertising funded mass
hosting. However there has also been a net repatriation of existing
active sites out of America as hosting services in the rest of the
world have become more comparable with those in US.
Climate change kills Hosting Dinosaurs
[1]Genuity, nee BBN Planet, was put into administration yesterday,
with [2]Level 3 agreeing to buy its assets. Earlier in the month
Cable & Wireless [3]announced that it will close 23 out of 42
datacenters, many acquired only a year ago when C&W bought Exodus
after Exodus itself had entered Chapter 11, and in the process turf
out customers currently paying over $300M in annualised revenue.
Cable & Wireless' situation sounds appalling, but viewed from the
internet its decline appears not significantly worse than its near
competitors. Most of the best known colocation companies have seen
declines of in the region of 20% or more in the numbers of ip
addresses
running web servers over the last year. Digex, which shows a
75% decline, divested part of its customer base to Allegiance
Telecom
during the year, while PSI has suffered a prolonged decline since
its
financial problems became clear to all in late 2000.
With the exception of Cable & Wireless, all of the companies in the
first table below have suffered large losses and financial distress.
Dinosaurs
Number of IP Addresses hosting Websites
Hoster Dec 01 Nov 02 Change
cw.net 11,980 9,653 -19.4%
exodus.net 10,797 8,605 -20.3%
gblx.net 6,681 4,767 -28.6%
above.net 5,838 4,133 -29.2%
level3.net 8,980 5,449 -39.3%
digex.com 9,883 2,374 -76.0%
psi.net 5,244 1,272 -75.7%
By contrast, the most successful hosting companies in terms of growth
of ip addresses hosting internet web sites, are smaller organisations
that have grown primarily with funding supplied by customers, rather
than investors. Some have had no external investor funding at all,
and
venture capitalists must deeply regret not only the extent to which
companies like Exodus and Digex were funded, but also that they
overlooked, or were denied access to, some of the safest
opportunities
in the industry.
Primates
Number of IP Addresses hosting Websites
Hoster Dec 01 Nov 02 Change
rackshack.net 5,152 13,459 +161.2%
crystaltech.com 6,874 11,170 +62.5%
dialtoneinternet.net 22,441 31,351 +39.7%
ratiokontakt.de 6,444 8,375 +30.0%
he.net 9,659 12,493 +29.3%
datapipe.net 13,603 17,340 +27.5%
rackspace.com 8,776 11,160 +27.2%
Hosting industry participants will likely regard Rackshack as a
unique
company which has hit a sweet spot with customers, but will take note
that while the dedicated server industry was kickstarted by Cobalt,
today several of the fastest growing companies, typified by
Crystaltech and Datapipe, are ones that have given prominence to
hosting on Windows.
Microsoft RDS vulnerability not likely to be pervasive on web servers
Microsoft have recently announced a [4]critical security
vulnerability in Microsoft's Data Access Components (MDAC). MDAC
contains a feature called Remote Data Services (RDS), a technology to
provide a database interface over HTTP. It has been an optional
component for Microsoft-IIS since version 4, and is integrated into
Internet Explorer.
Some people have interpreted a widely sourced [5]Bloomberg news
article in which our figure of 4 million active web sites running
Microsoft-IIS and the word "Worm" appear in close proximity, as
implying that the majority of Microsoft-IIS web servers are
vulnerable.
Although we do not have any directly observed information on how many
internet sites use RDS, the results we see on sites having their
security tested for the first time in our own [6]security testing
business indicate that the percentage of public Microsoft-IIS sites
using RDS is likely to be small.
Approximately 8% of Microsoft-IIS sites tested in 2001 had RDS open
to
the public; in 2002 this has fallen to around 5%. This fall can be
largely explained by the gradual migration of sites to
Microsoft-IIS/5.0, where RDS is not enabled by default. Almost no
Microsoft-IIS/5.0 sites we have tested were offering RDS and the
proportion of Microsoft-IIS/4.0 sites offering RDS is fairly stable
at
around one in four.
The caveats are that this is a small [hundreds of sites] and biased
[our customers are more likely to be running version 5.0 of
Microsoft-IIS than the internet as a whole] sample, rather than a
census, but we think that only a fairly small section of the
Microsoft-IIS community is likely to use RDS, and that it is rarely
enabled on public sites. Microsoft's security checklists and IIS
lockdown tool have long encouraged webmasters to disable RDS.
References
1. http://investor.genuity.com/notice.cfm
2. http://www.l3.com/
3.
http://investor.ft.com/custom/ftmarkets-com/news/story.asp?FTSite=FTMW&g
uid={4E4F91D4-BC7D-421F-B7F8-F53448DC11BD}
4. http://www.microsoft.com/security/security_bulletins/ms02-065.asp
5.
http://www.stltoday.com/stltoday/business/stories.nsf/Business/FB9BAFE31
FD76D3386256C780026E0AC?OpenDocument&Headline=Microsoft+flaw+could+let+h
ackers+control+PCs,+servers
6. http://www.netcraft.com/security/
Internet Research from Netcraft.
Netcraft does commercial internet research projects. These include
custom cuts on the Web Server Survey data, hosting industry analysis,
corporate use of internet technology and bespoke projects. All of the
data
is gathered through network exploration, not teleresearch.
[EMAIL PROTECTED]
Network Security Testing from Netcraft.
Netcraft provides automated network security testing of customer
networks and consultancy audits of ecommerce sites, Clients include IBM,
Hewlett Packard, Deloitte & Touche, Energis, Britannic Asset Management,
Guardian Royal Exchange, Lloyds of London, Laura Ashley, etc.
Details at http://www.netcraft.com/security/
To unsubscribe from the Netcraft Web Server Survey Announcements list
send the message
unsubscribe webserver-survey
to [EMAIL PROTECTED]
To resubscribe send the message
subscribe webserver-survey
Mike
--
Mike Prettejohn
mhp@@netcraft.com Phone +44 1225 447500 Fax +44 1225 448600 Netcraft
Rockfield House Granville Road Bath BA1 9BQ England
-----Original Message-----
From: Webmaster33 [mailto:[EMAIL PROTECTED]
Sent: 02 December 2002 04:34
To: [EMAIL PROTECTED]
Subject: Re: The ways of combating M$
>yes apache is stable and takes up less space but I doubt it could
>handle many hits per second
Is that true, that Apache can not handle so many hits/second like IIS? I
searched for some performance comparison article,
but there are not too much. Some of them:
Apache 2.0 Beats IIS at Its Own Game:
http://www.eweek.com/article2/0,3959,3763,00.asp
eWeek Labs preliminary tests of Apache 2.0 & IIS 5.0:
http://www.eweek.com/article2/0,3959,15300,00.asp
Apache Avoids Most Security Woes (very interesting):
http://www.eweek.com/article2/0,3959,1866,00.asp
IIS: Stay or Switch?: http://www.eweek.com/article2/0,3959,40751,00.asp
The Anatomy of a Frontal Assault on Apache: Microsoft's Web Server
Strategy
http://linuxtoday.com/news_story.php3?ltsn=1999-06-28-023-05-NW-SM
How does Apache compare to other servers?
http://httpd.apache.org/docs/misc/FAQ.html#compare
(It is outdated, the mentioned service is not working fine)
M$ always produced big & slow applications. I do not think, that IIS can
have higher performance, than an optimized Apache.
Apache should handle more STATIC html pages per second, compared to IIS.
The DYNAMIC page performance using Apache + script interpreter(Perl,
PHP), is another thing, it can not compared to STATIC performance.
Apache developer opinions?
What is performance of Apache compared to IIS?
Webmaster33
*********** REPLY SEPARATOR ***********
On 2002. 12. 01. at 19:15 DaMouse wrote:
>the user interface that comes with ApacheConf is lovely and if it was
>added to the standard distribution could go along way, but another
>thing that M$ gets better at is making there servers able to withstand
>almost anything, yes apache is stable and takes up less space but I
>doubt it could handle many hits per second my $0.02
>
>-DaMouse
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: [EMAIL PROTECTED]
>For additional commands, e-mail: [EMAIL PROTECTED]
*********** END REPLIED MESSAGE ***********
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
