Posted: 11/30/2002 6:57:39 AM EDT
|
The November 2002 Netcraft Web Server Survey is out; http://www.netcraft.com/survey/ Top Developers Developer Percent Apache 60.54 Microsoft 28.89 Zeus 2.02 iPlanet 1.36 Active Sites Developer Percent Apache 65.39 Microsoft 25.06 Zeus 1.35 iPlanet 1.42 Around the Net The survey records a net gain of around half a million sites this month, as increases in the rest of the world outweighed a continuing fall in the USA. Since the start of the year, the proportion of the sites found by the survey in the US has fallen from 56% to 45%. This primarily reflects the reduction of sites parked at domain registration companies and the decline of advertising funded mass hosting. However there has also been a net repatriation of existing active sites out of America as hosting services in the rest of the world have become more comparable with those in US. Climate change kills Hosting Dinosaurs [1]Genuity, nee BBN Planet, was put into administration yesterday, with [2]Level 3 agreeing to buy its assets. Earlier in the month Cable & Wireless [3]announced that it will close 23 out of 42 datacenters, many acquired only a year ago when C&W bought Exodus after Exodus itself had entered Chapter 11, and in the process turf out customers currently paying over $300M in annualised revenue. Cable & Wireless' situation sounds appalling, but viewed from the internet its decline appears not significantly worse than its near competitors. Most of the best known colocation companies have seen declines of in the region of 20% or more in the numbers of ip addresses running web servers over the last year. Digex, which shows a 75% decline, divested part of its customer base to Allegiance Telecom during the year, while PSI has suffered a prolonged decline since its financial problems became clear to all in late 2000. With the exception of Cable & Wireless, all of the companies in the first table below have suffered large losses and financial distress. Dinosaurs Number of IP Addresses hosting Websites Hoster Dec 01 Nov 02 Change cw.net 11,980 9,653 -19.4% exodus.net 10,797 8,605 -20.3% gblx.net 6,681 4,767 -28.6% above.net 5,838 4,133 -29.2% level3.net 8,980 5,449 -39.3% digex.com 9,883 2,374 -76.0% psi.net 5,244 1,272 -75.7% By contrast, the most successful hosting companies in terms of growth of ip addresses hosting internet web sites, are smaller organisations that have grown primarily with funding supplied by customers, rather than investors. Some have had no external investor funding at all, and venture capitalists must deeply regret not only the extent to which companies like Exodus and Digex were funded, but also that they overlooked, or were denied access to, some of the safest opportunities in the industry. Primates Number of IP Addresses hosting Websites Hoster Dec 01 Nov 02 Change rackshack.net 5,152 13,459 +161.2% crystaltech.com 6,874 11,170 +62.5% dialtoneinternet.net 22,441 31,351 +39.7% ratiokontakt.de 6,444 8,375 +30.0% he.net 9,659 12,493 +29.3% datapipe.net 13,603 17,340 +27.5% rackspace.com 8,776 11,160 +27.2% Hosting industry participants will likely regard Rackshack as a unique company which has hit a sweet spot with customers, but will take note that while the dedicated server industry was kickstarted by Cobalt, today several of the fastest growing companies, typified by Crystaltech and Datapipe, are ones that have given prominence to hosting on Windows. Microsoft RDS vulnerability not likely to be pervasive on web servers Microsoft have recently announced a [4]critical security vulnerability in Microsoft's Data Access Components (MDAC). MDAC contains a feature called Remote Data Services (RDS), a technology to provide a database interface over HTTP. It has been an optional component for Microsoft-IIS since version 4, and is integrated into Internet Explorer. Some people have interpreted a widely sourced [5]Bloomberg news article in which our figure of 4 million active web sites running Microsoft-IIS and the word "Worm" appear in close proximity, as implying that the majority of Microsoft-IIS web servers are vulnerable. Although we do not have any directly observed information on how many internet sites use RDS, the results we see on sites having their security tested for the first time in our own [6]security testing business indicate that the percentage of public Microsoft-IIS sites using RDS is likely to be small. Approximately 8% of Microsoft-IIS sites tested in 2001 had RDS open to the public; in 2002 this has fallen to around 5%. This fall can be largely explained by the gradual migration of sites to Microsoft-IIS/5.0, where RDS is not enabled by default. Almost no Microsoft-IIS/5.0 sites we have tested were offering RDS and the proportion of Microsoft-IIS/4.0 sites offering RDS is fairly stable at around one in four. The caveats are that this is a small [hundreds of sites] and biased [our customers are more likely to be running version 5.0 of Microsoft-IIS than the internet as a whole] sample, rather than a census, but we think that only a fairly small section of the Microsoft-IIS community is likely to use RDS, and that it is rarely enabled on public sites. Microsoft's security checklists and IIS lockdown tool have long encouraged webmasters to disable RDS. |