1. HMRC phishing site hosted on gov.uk domain

    An ongoing phishing attack against UK taxpayers is being given additional credibility by using a gov.uk domain. Sefton Council is hosting the phishing content on its Novel GroupWise 7.0 site at web11.sefton.gov.uk.

    The phish follows one of the typical ploys commonly seen in HMRC and IRS phishing attacks: The victim is led to believe that they can receive a tax refund by submitting their full credit card details, but these details are instead sent directly to the fraudster behind the attack.

    gov-uk-phish-resized.png

    The fraudulent form submits the victim's details to a PHP script hosted at www.zamoh.biz.

    gov-uk-phish-action.png

    The UK's Central Office of Information is responsible for deciding who can register gov.uk domains. Eligibility is strictly limited, which helps to preserve the integrity of the gov.uk namespace; however, this obviously has an undesirable effect when this integrity is leveraged by fraudulent content on compromised servers. Netcraft has informed Sefton Council about this phishing attack.

    Netcraft provides an Automated Vulnerability Scanning service which regularly tests your internet infrastructure, supplies the information you need to maintain your security and eliminate vulnerabilities, and audits that it has found no serious vulnerabilities using a dynamically generated seal.

    Posted by Paul Mutton on 1st September, 2009 in Security

  2. August 2009 Web Server Survey

    In the August 2009 survey we received responses from 225,950,957 hostnames — 13.7M less than in July.

    Much of the drop this month is due to the expiry of a large number of sites at The Planet, including 5 million sites in the .pl top-level domain all on one IP address, which were believed to be part of a linkfarm.

    Lighttpd Sites

    Lighttpd had a significant gain this month, rising to over two million sites, just under 1% of the survey. Lighttpd is a webserver designed for high performance environments. It has a small memory footprint, a large feature set and is licensed under a revised BSD license. Originally written by Jan Kneschke, Lighttpd is now maintained by a small team of developers, and now hosts a large number of popular and high traffic sites, including mininova.org and the controversial Pirate Bay.

    Total Sites Across All Domains August 1995 - August 2009

    Total Sites Across All Domains, August 1995 - August 2009

    Graph of market share for top servers across all domains, August 1995 - August 2009

    Top Developers
    DeveloperJuly 2009PercentAugust 2009PercentChange
    Apache113,019,86847.17%104,611,55546.30%-0.87
    Microsoft55,918,25423.34%49,579,50721.94%-1.39
    qq.com30,447,36912.71%30,278,98813.40%0.69
    Google14,226,9045.94%14,213,9766.29%0.35
    nginx10,174,5734.25%11,502,1095.09%0.84
    lighttpd1,326,2400.55%2,025,5210.90%0.34

    (more...)

    Posted by Netcraft on 31st August, 2009 in Web Server Survey

  3. Apache.org Compromised

    Apache.org has been offline for 3 hours this morning, after one of their servers was compromised. Their sites were displaying the message:

    apache-compromise.png

    The message goes on to say that the compromise is "not due to any software exploits in Apache itself", but was instead due to a compromised SSH key.

    Update: Most of apache.org's sites have been back online this afternoon after they switched over to servers not compromised in the attack. Apache have released more information about the incident: an account used for backups was compromised on a back-end server. This server distributes content to Apache's public web servers, so the attackers used it to distribute scripts to the web servers; once the scripts were public, the attackers could execute them remotely, gaining access to the web servers as well. But these rogue processes were detected, so the servers were taken offline for investigation and clean-up.

    (more...)

    Posted by Colin Phipps on 28th August, 2009 in Security

  4. Most Reliable Hosting Company Sites in July 2009

    Rank Company site OS Outage
    hh:mm:ss
    Failed
    Req%
    DNS Connect First
    byte
    Total
    1 Web.com Windows 2000 0:00:00 0.010 1.197 0.039 0.119 0.353
    2 New York Internet FreeBSD 0:00:00 0.010 0.123 0.071 0.148 0.362
    3 Virtual Internet Linux 0:00:00 0.010 2.505 0.102 0.283 0.534
    4 Hosting 4 Less Linux 0:00:00 0.010 0.296 0.105 0.215 0.428
    5 DataPipe unknown 0:00:00 0.014 0.416 0.024 0.049 0.049
    6 Swishmail FreeBSD 0:00:00 0.014 2.371 0.033 0.066 0.157
    7 INetU unknown 0:00:00 0.014 1.246 0.088 0.184 0.414
    8 www.netcetera.co.uk Windows Server 2003 0:00:00 0.019 1.368 0.079 0.161 0.383
    9 Pair Networks FreeBSD 0:00:00 0.019 0.993 0.093 0.189 0.468
    10 Server Intellect Windows Server 2008 0:00:00 0.019 1.090 0.112 0.227 0.455

    See full table

    Web.com, New York Internet, Virtual Internet and Hosting 4 Less had the most reliable hosting company sites in July 2009, with each site only failing to respond to a single request from our performance monitors.

    This is Web.com's first appearance as joint number one. Web.com is the only company in this month's top ten whose site is served by Microsoft IIS/5.0. Web.com offers a variety of Linux, Windows and eCommerce hosting packages, as well as managed email and domain name registration, and web design services.

    This month is New York Internet's fifth at the top of the table this year. They also made the number one spot in January, February, April and May. New York Internet offer colocation, dedicated servers, disaster recovery, web hosting, E-mail, DSL access and managed services.

    This is the second month this year in which Virtual Internet has been joint first, and it has stayed in the top ten since April. Virtual Internet offer managed and cloud hosting as well as managed messaging and collaboration services.

    Hosting 4 Less are one of the most reliable hosting companies for the third time this year, after coming joint first in March and April. Hosting 4 Less are based in California, and offer web, FTP and eCommerce hosting. They also run backup4less, an online backup service.

    This month's top ten sees three company sites using Windows (including Windows Server 2008, 2003 and 2000), as well as three running FreeBSD and two running Linux.

    (more...)

    Posted by Matthew Hunt on 4th August, 2009 in Hosting, Performance

  5. July 2009 Web Server Survey

    In the July 2009 survey we received responses from 239,611,111 sites, an increase of around 1.5 million sites from last month. There was a substantial increase in sites on Google's Blogger service, which had 2.2 million more sites in use this month.

    Although Microsoft loses active sites overall this month, Microsoft-IIS/7.0 — shipped with Windows Server 2008 and Vista — continues to grow, passing 3 million sites (with 2 million active sites) this month. 2.4 million of these IIS/7.0 sites are in the United States.

    nginx had another strong month, gaining over 300,000 active sites at China Unicom and another 100,000 active sites due to continued growth at Wordpress.com.

    Total Sites Across All Domains August 1995 - July 2009

    Total Sites Across All Domains, August 1995 - July 2009

    Graph of market share for top servers across all domains, August 1995 - July 2009

    Top Developers
    DeveloperJune 2009PercentJuly 2009PercentChange
    Apache112,162,11047.12%113,019,86847.17%0.05
    Microsoft59,034,21324.80%55,918,25423.34%-1.46
    qq.com30,447,36912.79%30,447,36912.71%-0.08
    Google11,858,8404.98%14,226,9045.94%0.96
    nginx8,771,4153.69%10,174,5734.25%0.56
    Sun715,0800.30%729,5070.30%0.00

    (more...)

    Posted by Netcraft on 28th July, 2009 in Web Server Survey

  6. DataPipe had the Most Reliable Hosting Company Site in June 2009

    Rank Company site OS Outage
    hh:mm:ss
    Failed
    Req%
    DNS Connect First
    byte
    Total
    1 DataPipe FreeBSD    0.000  1.230 0.008 0.017 0.018
    2 New York Internet FreeBSD  0:00:00  0.005  0.129 0.060 0.124 0.272
    3 ReliableServers.com unknown  0:00:00  0.005  0.309 0.063 0.132 0.198
    4 iWeb Technologies Linux  0:00:00  0.005  1.329 0.076 0.152 0.221
    5 34SP.com Ltd. FreeBSD  0:00:00  0.005  0.748 0.107 0.676 1.016
    6 GoDaddy.com Inc Windows Server 2003  0:00:00  0.005  0.353 0.112 0.229 1.269
    7 INetU unknown  0:00:00  0.010  1.518 0.063 0.134 0.279
    8 Swishmail FreeBSD  0:00:00  0.010  0.616 0.074 0.149 0.313
    9 Virtual Internet Linux  0:00:00  0.015  1.796 0.058 0.174 0.320
    10 www.navisite.com Linux  0:00:00  0.015  2.205 0.064 0.555 0.698

    See full table

    DataPipe had the most reliable hosting company site in June 2009. The company's site responded without fail to every request made by Netcraft's performance collectors throughout the month.

    This is DataPipe's second appearance at the top so far this year. Jersey City based DataPipe has established partnerships with Cisco, FreeBSD, HP, Microsoft, Oracle, Red Hat, Sun, and VMware, and its commitments to customer service were recognised in this year's Stevie Awards, where the company was listed as a finalist in the Customer Service Department of the Year - IT & Telecommunications category. The company has more than 1,500 customers in six data centres and eight business office locations in the United States, the United Kingdom and China.

    Among June's top ten hosting company sites, four companies (including DataPipe) run their sites on FreeBSD. Three other companies run their sites on Linux, while the remaining identifiable operating systems is Windows Server 2003.

    (more...)

    Posted by Paul Mutton on 1st July, 2009 in Hosting, Performance

Page 3 of 712345...Last »