
August 2002 Netcraft Web Server Survey

From:  mhp@netcraft.co.uk (Mike Prettejohn)
To:  lwn@lwn.net
Subject:  August 2002 Netcraft Web Server Survey
Date:  Tue, 20 Aug 2002 00:58:24 +0100 (BST)




             The August 2002 Netcraft Web Server Survey is out;


                     http://www.netcraft.com/survey/


                           Top Developers

            Developer   July 2002  Percent  August 2002  Percent  Change
            Apache       21453498    57.62     22859123    63.51    5.89
            Microsoft    11866718    31.87      9139785    25.39   -6.48
            Zeus           787071     2.11       765115     2.13    0.02
            iPlanet        494567     1.33       486868     1.35    0.02

                            Active Sites

            Developer   July 2002  Percent  August 2002  Percent  Change
            Apache       10811987    65.21     11001650    66.64    1.43
            Microsoft     4176048    25.19      4074058    24.68   -0.51
            iPlanet        214063     1.29       208968     1.27   -0.02
            Zeus           183921     1.11       184143     1.12    0.01


Around the Net

Microsoft loses around 6% share this month, as register.com continues to
fluctuate between using a Windows and Linux front end, and homestead.com,
which originally based its business model on support from advertising, cleared
away over a million sites. Homestead recently raised $5M from its investors to
assist its transition to a paid-for services model. To complete a bad news
month for Microsoft's share of the survey, Reuters reports that the Federal
Trade Commission will investigate the relationship between Verisign and 
Interland with respect to marketing domain names. The NSI domain parking system
hosted at Interland is the other large repository of parked sites on the
Microsoft platform. Earlier in the year large numbers of sites were reaped at 
Namezero, which had a controversial relationship with NSI regarding reselling
domain names.


Apache SSL servers vulnerable to OpenSSL remote exploits

A detailed code review by Ben Laurie and colleagues at A.L. Digital has 
unearthed four remotely exploitable buffer overflows in OpenSSL. Some of these
can be used to execute arbitrary code on the server, and most sites using
Apache for encrypted transactions and ecommerce will be vulnerable to the
attack. Coming hard on the heels of the recent remote vulnerabilities in
Microsoft Commerce Server, Microsoft-IIS, and the main Apache server, a great
many ecommerce sites are presently vulnerable to direct
attack over the internet.

Counter-intuitively, web site managers seem quicker to fix conventional HTTP
servers than SSL servers, perhaps because they receive more traffic, or because
the http service is the conduit favoured by worm writers. Almost half of the 22
million Apache HTTP sites found by the survey are running Apache/1.3.26, whilst
only around a quarter of the Apache SSL sites are running this version, which
fixes the chunked encoding vulnerability. 
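The survey's version figures come from the Server banner each site returns, and a defender can apply the same reading to an inventory of their own hosts. The following Python classifier is an added example, not Netcraft's survey code: it parses constructed sample banners in the format Apache 1.3/2.0 and mod_ssl sent at the time, and flags the Apache and OpenSSL tokens as at or below the fixed release. Apache 1.3.26 is the version named above; the 2.0.39 and OpenSSL 0.9.6e fix versions are taken from the Apache and CERT advisories of the period, not from the survey text, and the branch tables are deliberately limited to releases whose fix status is known.

```python
"""Classify Apache/mod_ssl Server banners against the 2002 fixed releases.

Added illustration; not Netcraft's survey code. Sample banners are constructed.
"""
import re
from collections import Counter

# Chunked-encoding fix per Apache branch (major, minor) -> first fixed patch level.
# 1.3.26 is named in the survey text; 2.0.39 is the 2.0-branch fix from the
# Apache security bulletin of 20 June 2002 (known fact, not from the survey text).
CHUNKED_FIX = {(1, 3): 26, (2, 0): 39}

# OpenSSL remote overflow fix per branch -> first fixed letter release.
# 0.9.6e per CERT CA-2002-23 (known fact, not from the survey text).
OPENSSL_FIX = {(0, 9, 6): "e"}

IS_APACHE_RE = re.compile(r"Apache(?:/|\s|$)")          # excludes e.g. Apache-Coyote
APACHE_VERSION_RE = re.compile(r"Apache/(\d+)\.(\d+)\.(\d+)")
OPENSSL_VERSION_RE = re.compile(r"OpenSSL/(\d+)\.(\d+)\.(\d+)([a-z]?)")


def parse_apache_version(banner):
    """Return (major, minor, patch) when the banner shows an Apache version, else None."""
    m = APACHE_VERSION_RE.search(banner)
    return tuple(int(g) for g in m.groups()) if m else None


def classify(banner):
    """'fixed', 'pre-fix', 'unknown' (Apache without a usable version) or 'not-apache'."""
    if not IS_APACHE_RE.match(banner):
        return "not-apache"
    v = parse_apache_version(banner)
    if v is None:
        return "unknown"            # bare 'Apache' from ServerTokens Prod hides the version
    branch, patch = (v[0], v[1]), v[2]
    if branch not in CHUNKED_FIX:
        return "unknown"            # branch not in the table: do not guess
    return "fixed" if patch >= CHUNKED_FIX[branch] else "pre-fix"


def openssl_status(banner):
    """Same idea for the OpenSSL token that mod_ssl appends to the banner."""
    m = OPENSSL_VERSION_RE.search(banner)
    if not m:
        return "unknown"
    branch = tuple(int(g) for g in m.groups()[:3])
    letter = m.group(4)             # '' for a plain 0.9.6, which is also pre-fix
    if branch not in OPENSSL_FIX:
        return "unknown"
    return "fixed" if letter >= OPENSSL_FIX[branch] else "pre-fix"


def summarize(banners):
    """Count Apache classifications over a list of banners, one per site."""
    return Counter(classify(b) for b in banners)


# Constructed sample banners (not survey data).
SAMPLE_BANNERS = [
    "Apache/1.3.26 (Unix) mod_ssl/2.8.10 OpenSSL/0.9.6d",
    "Apache/1.3.26 (Win32)",
    "Apache/1.3.20 (Unix) mod_ssl/2.8.4 OpenSSL/0.9.6b",
    "Apache/1.3.12 (Unix)  (Red Hat/Linux)",
    "Apache/2.0.39 (Unix)",
    "Apache/2.0.36 (Unix)",
    "Apache",                       # version hidden by ServerTokens Prod
    "Microsoft-IIS/5.0",
    "Apache-Coyote/1.1",            # Tomcat connector, not httpd
]

if __name__ == "__main__":
    for label, n in sorted(summarize(SAMPLE_BANNERS).items()):
        print(f"{label:>10}: {n}")
    for b in SAMPLE_BANNERS:
        if "OpenSSL/" in b:
            print(f"{b!r}: OpenSSL {openssl_status(b)}")
```

Banners are a weak signal in both directions: a site that applied a backported patch keeps its old version string and will be counted as pre-fix, while a hidden or edited banner gives no information at all, so counts like these are an upper bound on exposure rather than a finding per host.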


Explorer error allows impersonation of SSL sites

A recently demonstrated vulnerability in the Internet Explorer browser allows
web sites certified by Verisign to assume the identity of other sites,
including well known and widely used commerce sites. 

The vulnerability is regarded as fundamental in that the majority of people
working in the digital certification industry are employed to perform identity
checks on people and businesses to ensure that they are who they say they are, and
that the Explorer bug allows an attacker to cut directly through that process.
In practice, impersonation of unrelated sites will also require that the
attacker poison the DNS or engage in some form of URL rewriting, and so actual
attacks are likely to be thin on the ground. 

However, another possibility is that some people may utilise the vulnerability
to make use of Verisign certificates as a kind of company licence. Someone in a
large corporation might, instead of buying 100 certificates from Verisign, 
save money by buying just one, and produce the remaining 99 using the process
outlined by Mike Benham.
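The defect behind Mike Benham's demonstration was that Internet Explorer verified the signatures along a certificate chain but did not check that each signing certificate was itself marked as a certificate authority (the X.509 basicConstraints cA flag), so any end-entity certificate holder could sign further certificates that chained back to a trusted root. The Python model below is an added example, not Benham's code or any browser's validator: certificates are plain records rather than X.509, and a single symmetric key per holder stands in for the key pair, with signatures as HMACs over the signed fields. What it shows is the policy a correct validator enforces and how the result differs when the CA check is switched off. All names and keys are constructed.

```python
"""Toy chain validator showing the basicConstraints check a browser must apply.

Added illustration, not X.509 and not any browser's code. One symmetric key per
certificate holder stands in for its key pair; 'signatures' are HMAC-SHA256.
"""
import hashlib
import hmac
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str          # subject name of the signer
    is_ca: bool          # stands in for the X.509 basicConstraints cA flag
    key: bytes           # toy: the holder's key, used to sign what it issues
    signature: bytes


def _tbs(subject, issuer, is_ca, key):
    """'To-be-signed' bytes: every field the signature must cover."""
    return b"|".join([subject.encode(), issuer.encode(), b"1" if is_ca else b"0", key])


def self_signed_root(subject, key):
    sig = hmac.new(key, _tbs(subject, subject, True, key), hashlib.sha256).digest()
    return Cert(subject, subject, True, key, sig)


def issue(subject, issuer_cert, is_ca, key):
    """The issuer signs a new certificate with its own key."""
    tbs = _tbs(subject, issuer_cert.subject, is_ca, key)
    sig = hmac.new(issuer_cert.key, tbs, hashlib.sha256).digest()
    return Cert(subject, issuer_cert.subject, is_ca, key, sig)


def signature_ok(cert, issuer_cert):
    tbs = _tbs(cert.subject, cert.issuer, cert.is_ca, cert.key)
    expected = hmac.new(issuer_cert.key, tbs, hashlib.sha256).digest()
    return hmac.compare_digest(expected, cert.signature)


def validate_chain(chain, trust_roots, check_basic_constraints=True):
    """chain = [leaf, ..., last intermediate]; trust_roots = {subject: Cert}.

    Returns (accepted, reason). With check_basic_constraints=False the walk
    behaves like the flawed client: signatures only, no check that the signer
    is allowed to sign.
    """
    if not chain:
        return False, "empty chain"
    for i, cert in enumerate(chain):
        if i + 1 < len(chain):
            issuer = chain[i + 1]
            if issuer.subject != cert.issuer:
                return False, f"{cert.subject}: issuer name mismatch"
        else:
            issuer = trust_roots.get(cert.issuer)
            if issuer is None:
                return False, f"{cert.subject}: issuer {cert.issuer} is not a trusted root"
        if not signature_ok(cert, issuer):
            return False, f"{cert.subject}: bad signature"
        if check_basic_constraints and not issuer.is_ca:
            return False, f"{cert.subject}: issuer {issuer.subject} is not a CA"
    return True, "chain valid"


def tampered_copy(cert, subject):
    """Copy of a certificate with its subject edited and its signature left as-is."""
    return replace(cert, subject=subject)


# Constructed sample hierarchy (hypothetical names and keys).
ROOT = self_signed_root("Example Root CA", b"root-key")
SHOP = issue("shop.example", ROOT, False, b"shop-key")            # ordinary site certificate
SECOND_HAND = issue("bank.example", SHOP, False, b"second-key")   # signed by a non-CA holder
TRUST_ROOTS = {ROOT.subject: ROOT}


def demo():
    """Results for the legitimate chain, the non-CA-signed chain (strict and lenient), and a tampered cert."""
    return {
        "legitimate": validate_chain([SHOP], TRUST_ROOTS),
        "non_ca_signer_strict": validate_chain([SECOND_HAND, SHOP], TRUST_ROOTS),
        "non_ca_signer_lenient": validate_chain([SECOND_HAND, SHOP], TRUST_ROOTS, False),
        "tampered": validate_chain([tampered_copy(SHOP, "other.example")], TRUST_ROOTS),
    }


if __name__ == "__main__":
    for name, (ok, reason) in demo().items():
        print(f"{name:>22}: {'accept' if ok else 'reject'} ({reason})")
```

The strict walk rejects the second-hand certificate with "issuer shop.example is not a CA" even though every signature checks out, which is exactly the decision the browser was failing to make. A real validator also checks validity periods, path length limits, key usage, the host name against the subject, and revocation; none of that is modelled here.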


Who's winning in the hosting industry?

Presently, the mainstream coverage of the hosting industry is full of 
doom and gloom. In the last couple of weeks, Digex and Divine have each
reported $50M in quarterly losses, and many of the largest companies in 
the industry such as Worldcom, Global Crossing, and XO have set a course
of huge losses, bankruptcy and SEC investigation. 

Given the widespread coverage of these events, people could be forgiven 
for thinking that it was not possible to operate a hosting company at a 
profit, or even to grow revenue in the present environment. 

Yet, amidst the carnage, some companies with more carefully chosen business
models have been able to grow at rates which would normally be regarded as
impressive, but seem outstanding in the current climate.

Taking the hosting companies identified by the Web Server Survey and
restricting the analysis to those that have no known financial problems
and were already large at the start of the year, shows that eight companies
have achieved roughly 30% growth [Rackspace is 29 and a fraction]
since the start of the year, and seem set for 50% year-on-year growth
measured by responding IP addresses.
 

    Hosting Companies with fastest increase in responding IP addresses

         Hosting Company     January 2002   August 2002   Change 
         rackshack.[net]       5,485         10,329       88%   
         cybercon.com          8,607         12,373       44%   
         crystaltech.com       7,109         10,188       43%   
         interland.net        92,052        125,589       36%   
         dialtoneinternet.net 24,429         32,752       34%   
         sphere.ad.jp          8,173         10,771       32%   
         he.net                9,791         12,810       31%   
         rackspace.com         9,419         12,176       29%   


Leading the table by a wide margin is rackshack.net which offers exceptionally
cheap pricing. Rackshack also has an ISP business ev1.net, which may make its
cost of ownership of bandwidth lower than for pure dedicated server vendors.

It is noteworthy that all of the fastest growing companies are majoring in
dedicated servers, although Interland and Crystaltech also have a large shared
business. Dedicated servers have proved the most successful segment of the
industry, though the largest shared hosters, Alabanza and Pair Networks, are
also showing good growth, but at a rate below the companies in the table.

Also noteworthy, from Sun's perspective, is that few of the companies continue
to offer Cobalt, which was not long ago a de facto standard in the dedicated
server industry. Hosters now prefer servers from IBM, Compaq, or no-name boxes,
with third party control panels. Notably, Rackshack dropped Cobalt near the
start of the year, not long after placing the largest ever order for Cobalt
servers in December.


References

  1. http://www.netcraft.com/whats?site=209.67.50.203
  2. http://www.homestead.com/
  3. http://q1.schwab.com/content/rb/2002/08/06/687873.html
  4. http://www.nsi.com/
  5. http://www.interland.com/
  6. http://www.namezero.com/
  7. http://www.aldigital.co.uk/
  8. http://www.cert.org/advisories/CA-2002-23.html
  9. http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-033.asp
  10. http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/MS02-028.asp
  11. http://httpd.apache.org/info/security_bulletin_20020620.txt
  12. http://www.thoughtcrime.org/ie-ssl-chain.txt
  13. http://www.digex.com/
  14. http://www.divine.com/
  15. http://www.wcom.com/
  16. http://www.globalcrossing.com/
  17. http://www.xo.com/
  18. http://www.rackspace.com/
  19. http://www.rackshack.net/
  20. http://www.ev1.net/
  21. http://www.interland.com/
  22. http://www.crystaltech.com/
  23. http://www.alabanza.com/
  24. http://www.pair.com/



Internet Research from Netcraft.

Netcraft does commercial internet research projects. These include
custom cuts on the Web Server Survey data, hosting industry analysis, 
corporate use of internet technology and bespoke projects. All of the data 
is gathered through network exploration, not teleresearch.

sales@netcraft.com


Network Security Testing from Netcraft.

Netcraft provides automated network security testing of customer networks
and consultancy audits of ecommerce sites. Clients include IBM,
Hewlett Packard, Deloitte & Touche, Energis, Britannic Asset Management,
Guardian Royal Exchange, Lloyds of London, Laura Ashley, etc.


Details at http://www.netcraft.com/security/


To unsubscribe from the Netcraft Web Server Survey Announcements list
send the message 

unsubscribe webserver-survey

to majordomo@netcraft.com

To resubscribe send the message

subscribe webserver-survey



Mike
-- 
Mike Prettejohn
mhp@@netcraft.com  Phone +44 1225 447500  Fax +44 1225 448600
Netcraft  Rockfield House  Granville Road Bath BA1 9BQ  England



August 2002 Netcraft Web Server Survey

Posted Aug 21, 2002 5:40 UTC (Wed) by Leknor (guest, #3359)

Almost half of the 22 million Apache HTTP sites found by the survey are running Apache/1.3.26, whilst only around a quarter of the Apache SSL sites are running this version, which fixes the chunked encoding vulnerability.

I'm sure many of the three quarters of the Apache SSL sites that aren't running 1.3.26 are vulnerable but I doubt it is as bad as NetCraft makes it out to be. I work for a university and we host a few hundred domains for us and our state. When the chunked encoding vulnerability patch was released we didn't upgrade apache, we patched the version we were using. Any change to our server configuration needs to be well understood and well tested. It is much easier to understand and trust that a few-line patch to one file will be less likely to break something in an unpredictable way than a full version upgrade, especially when the upgrade wouldn't be a one-version increment. I'm sure many production environments including mass hosting sites have similar policies that would prevent them from upgrading at every point release.

Copyright © 2002, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds