Major hosting companies continue to slash prices for hosting accounts and domain names in an effort to attract small businesses launching new web sites.

1&1, the world's largest hosting company, has introduced Beginner Accounts for both Linux and Microsoft servers. The accounts are just $2.99 a month, and include a domain name, 1 gigabyte of web space, 2 gigabytes of email storage, 50 gigabytes of monthly transfer, 150 email accounts and a MySQL database. The account specs, which would have seemed extraordinary several years ago, are consistent with an industry trend in which providers compete on disk space and bandwidth, rather than price. By offering features consistent with a standard plan in an economy offering, 1&1 seems intent on doing both.

The past two months have been an extraordinary time for the InterCosmos Group, which operates a network of Internet companies in New Orleans. The company's colocation and hosting unit, Zipa, gained 990,000 hostnames between Aug. 15 and Sept. 15, capping a year of strong hostname growth. The huge gain appears to have come almost entirely from the registration of new domains that are now parked at Zipa, which added just 15,000 active sites on the month.

The company gained widespread notice during Hurricane Katrina, when its staff labored to keep its operations online as the city was battered and flooded. InterCosmos' domain registrar business, DirectNIC, is housed on the 10th and 11th floors of a 27-floor office tower near Lafayette Square, a portion of New Orleans that escaped the worst of the flooding. Employees live-blogged their efforts and posted photos of the storm's impact on the DirectNIC facility. An on-site webcam broadcast video of looting on surrounding streets.

The business of advertising on parked domains is facing a shakeout that could dampen speculation in the domain name market. The domain advertising business, which is based on pay-per-click advertising from Google and Yahoo, has seen explosive growth this year. This week one of the industry's largest players, DomainSponsor, announced that it was shifting its payment model to combine pay-per-click and pay-per-sale ads.

The shift is driven by advertiser concerns about low conversion rates on click-throughs from parked domains. While the new model offers higher payouts for domains that generate sales, it will also mean smaller checks for domains that produce click-throughs but no sales. It also reduces the incentive for click fraud, which is believed to inflate the cost of campaigns in some advertising niches.

Industry observers say other domain parking services may soon follow DomainSponsor's lead. "Is this a sign of things to come? Probably," notes Leonard Holmes of Domain Parking News. "Some of the other major players have beta projects that seem to offer the same promise - a bonus for higher 'traffic quality.' "

A phishing attack led the Bank of New Zealand to take its online banking web site offline Thursday to prevent scammers from draining customer accounts. The bank said that although there had been no threat to its Internet infrastructure, the site was shut for eight hours to protect customers who shared their banking logins with a spoof web site operated by a phishing crew. The BNZ web site came back online Thursday evening with "restricted functionality," and returned to full service on Friday, bank spokesman told the National Business Review.

Bank of New Zealand said it will continue to closely monitor Internet banking transactions, and has revised daily transaction limits for all customers. The bank also suspended Internet banking access for customers who enteered their details at the fake site.

Internet backbone provider Level 3 Communications reported "wide spread network instability" overnight, causing connectivity problems for many ISPs and hosting companies that rely on Level 3 for high-speed Internet access. The outage lasted several hours before service was restored. A discussion on the North American Network Operators Group mailing list offers additional details on the outage.

Level 3 is one of the largest providers of wholesale dial-up service to ISPs in North America and also connects millions of broadband subscribers to the Internet through its cable and DSL partners.

The explosion of spam blogs on Google's Blogspot hosting service is drawing a chorus of condemnation from prominent bloggers, and has led at least one blog search service to stop indexing posts on Blogspot. The growth of spam blogs has accelerated in recent months, fueled by automated tools that can create blogs on Blogspot and some similar services and populate them with keyword-optimized posts and Google AdSense advertisements.

About 39,000 fake blogs have been created on the web in the past two weeks, according to an analysis by Technorati, or about 4.6 percent of the 805,000 new weblogs created in that period. FightSplog, which has been monitoring new blogs at Blogspot, recently documented 2,763 porn splogs created by a single "splogger." Blogspot-based spam blogs recently began featuring names of prominent bloggers in posts, boosting the splogs' visibility in searches at web-based RSS aggregators like Feedster, PubSub and Bloglines.

The move prompted IceRocket to stop indexing new posts from Blogspot.com, according to a blunt post from Mark Cuban, a major investor in IceRocket. Cuban says Blogspot indexing will resume once filters are adjusted, but warned Google to fix the problem or face a permanent ban. Bloggers are also focusing their fire on Google, which has stepped up its splog-squashing efforts in recent weeks but still can't keep pace with the automated instasplogs. "If your motto truly is to do no evil, then you need to start putting some resources behind an effort to curb this train wreck," LockerGnome's Chris Pirillo advised Google.

Microsoft has issued workaround instructions for a buggy patch issued last Tuesday as part of its monthly security update. The patch repairs a critical security hole, which could leave Windows 2000 systems open to an Internet worm attack. Microsoft says that few systems have been affected by issues with the update for a security hole known as MS05-051, which could allow attackers to gain control of Windows 2000 computers via an unchecked buffer in the Microsoft Distributed Transaction Coordinator (MSDTC).

Late last week users began reporting significant problems on some Windows XP, Windows 2000 and Windows Server 2003 systems after the patch was applied. Although few users were directly affected, the bug reports may have prompted many network administrators to delay patching their systems until the issues were resolved.

The Apple Store was offline for more than an hour following the launch of a new video-enabled iPod, which was unveiled today after months of anticipation. While the launch of a new Apple product routinely leads to brief "restocking" outages for the Apple store, today's downtime was longer than usual, perhaps due to web traffic generated by the pent-up curiosity of iPod lovers.

The video iPod has a 2.5-inch screen and will sell for $299 for the 30-gigbyte hard drive, and $399 for 60 gigs. Apple's iTunes store will now sell music videos and some TV programming at $1.99 per video.

OpenSSL has released a software update to fix a flaw that could make it easier for hackers to attack secure web servers. The security issue could allow attackers to force an SSL-enabled site to use the outdated and potentially insecure SSL version 2.0 protocol.

Some secure web sites allow visitors to connect using earlier versions of SSL, an option which can be enabled by OpenSSL's SSL_OP_ALL setting. Normally, web servers will default to the most current encryption protocol supported by the user's browser, usually TLS or SSL version 3. But a flaw in the SSL_OP_ALL implementation could allow an attacker to trick the server into using SSL 2.0.

"An attacker acting as a 'man in the middle' can force a client and a server to negotiate the SSL 2.0 protocol even if these parties both support SSL 3.0 or TLS 1.0," notes the advisory from OpenSSL. "The SSL 2.0 protocol is known to have severe cryptographic weaknesses and is supported as a fallback only." The OpenSSL Project is advising users to either upgrade their server software with the latest version or disable SSL 2.0 entirely.

Paypal will implement strengthened anti-phishing measures for up to 1 million users next year through a deal announced yesterday between VeriSign and eBay, which operates Paypal. While most of the headlines focused on eBay's purchase of VeriSign's payment processing unit for $370 million, the most widely-felt benefit of the deal will likely be the enhanced security for Paypal, which has been relentlessly targeted by phishing scams.

The agreement calls for eBay to buy up to 1 million two-factor authentication tokens from VeriSign. eBay and PayPal plan to begin the rollout of two-factor authentication to customers in 2006, including marketing and security programs designed to "promote customer adoption."

VeriSign has acquired Weblogs.com, the primary weblog "ping" service tracking how often weblogs are updated. The deal capped a wild Thursday in the blogosphere, which started with the announcement that America Online has bought Weblogs Inc., one of the most prominent blogging networks.

While the AOL-Weblogs Inc. deal is focused on content, VeriSign's purchase of Weblogs.com from founder Dave Winer is all about infrastructure. "For a long time, ping servers could be stood up as a single box running on a fast business DSL connection," noted VeriSign's Mike Graves on the company's Infrablog. "Those days have passed at least for the popular ping servers; pings are well on their way to requiring serious infrastructure. That’s where VeriSign comes in."

In the October 2005 survey we received responses from 74,409,971 sites, an increase of 2.68 million sites from the September survey. The large gain makes 2005 the strongest year ever for Internet growth, as the web has added 17.5 million sites, easily surpassing the previous annual mark of 16 million during the height of the dot-com boom in 2000.

This month also saw movement in web server market share for the first time in many months, with Windows servers gaining 0.75 percent market share in active sites, while Apache's share fell by 0.67 percent. Apache continues to maintain a large lead in both active sites and hostnames, and in fact improved its share by 0.74 percent in hostnames. With this month's growth, Apache now powers more than 50 million sites.

Hostway, Datapipe, France Telecom and Express Technologies share the top slot as as the most reliable hosting company sites this month.

Express Technologies (Hosting.com), a provider based in Louisville, Kentucky, makes its first appearance of 2005 among the most reliable hosters after four showings in the top 10 in 2004. This month also marks Express Tech's first time as the leading performer. Datapipe shared the top spot last month (along with Rackspace and Tiscali), while Hostway was the most reliable hoster in our April survey.

Five Linux sites are found in the top 10 this month, along with three sites running on Windows 2000, and one apiece on Windows Server 2003 and FreeBSD.