Netcraft produces a dataset which provides a worldwide analysis of hosting companies. Each of the sites found in our monthly Web Server Survey is attributed to a hosting location using reverse DNS and ip address delegation information. Data for these networks is aggregated into parent companies so that a league table of companies controlling the largest number of web sites is produced.
Data is produced for a number of different metrics, allowing analysis based on the number of hostnames, active sites and IP addresses used by the company.
|
|
|
Digg
Slashdot
Reddit
StumbleUpon
Delicious
TechnoratiAs of 1st January 2009, the Netcraft Toolbar community has blocked 1.9 million phishing attacks. To provide an incentive for the community to send us reports of phishing sites, reporters now receive the following goodies from Netcraft:
| Netcraft Mug | (after 100 validated phishing reports) |
| Netcraft Polo Shirt | (after 400) |
| To be confirmed (approx value £40-50) | (after 1,000) |
| Top of the range iPod | (after 4,000) |
To report phishing sites to us, use the form at http://toolbar.netcraft.com/report_url
Upon reaching 4,000 you become eligible for a monthly competition to incentivise large reporters.
To track the progress, we have a leaderboard displaying the people with the largest number of accepted reports so far this month, identified by their first names to preserve their anonymity.
The Netcraft Toolbar, which is available for both Internet Explorer and Firefox, serves as a giant neighborhood watch scheme for the Internet: members who encounter a phishing fraud can act to defend the larger community of users against the attack. Once the first recipients of a phishing mail have reported the target URL, it is blocked for toolbar users who subsequently access the URL and widely disseminated attacks simply mean that the phishing attack will be reported and blocked sooner.
Looking back at 2008, Netcraft has seen phishing attacks evolve, with fraudsters using progressively sneakier tactics:
- October 2008 saw an attack against Yahoo! which was used to steal authentication cookies from its users. The cross-site scripting vulnerability on Yahoo!'s own website allowed the fraudster to steal the details simply as a result of a victim visiting the page.
- The two-edged nature of how browsers present Extended Validation (EV) SSL certificates was highlighted after a cross-site scripting vulnerability was demonstrated on paypal.com. This flaw would have allowed hackers to carry out highly plausible attacks, adding their own content to the site and stealing credentials from users.
- Phishers branched out into telephone phishing. Victims were asked to phone a toll free number to reactivate their card.
- Fraudsters found a cross-site scripting vulnerability on an Italian bank's website. This was used to orchestrate an attack against the bank, using its own HTTPS website URL.
- Backdoored phishing kits have been deployed by criminal programmers wishing to reduce their workload by getting novice fraudsters to deploy the kits onto websites and send the phishing emails. Netcraft later reported a large range of different phishing kits being offered by the same group.
Domain name registrars and hosting companies may often find that they are unwittingly providing facilities for phishing.
Having access to timely, professionally validated alerts when phishing sites are deployed using their infrastructure is operationally efficient and responsible for both registrars and hosting companies, and an important part of preserving their company's reputation.
Netcraft produces a continuously updated phishing feed that is very widely used. At least three separate third party studies have found it to be the most comprehensive feed available.
Phishing sites are submitted to the feed by the Netcraft Toolbar community. Reporters range from individuals submitting phishing mails that they have personally received, to specialist security researchers and several of the largest banks and financial payment systems. All submissions are carefully validated before being added to the feed.
Over the last six months Netcraft has blocked over 110,000 distinct phishing sites [Apr - Oct 2008].
Registrars, hosting providers and ISPs are able to provide a footprint of their IP addresses, name servers and WHOIS servers, such that when we validate a phishing report, they receive an alert if the phishing site is using any aspect of their infrastructure.
More informationPlease contact us (sales@netcraft.com) for pricing or further details about any of our services.
Netcraft has developed a dataset which shows the hosting locations of the million busiest websites, as determined by visits from users of the Netcraft Toolbar.
The dataset gives a guide to the market share of companies hosting the sites responsible for the great majority of web traffic, and is uninfluenced by parked domains, personal sites, shared hosting accounts or the majority of blogs.
Although the top 1000 sites are concentrated amongst the web superpowers, Google, Microsoft, Yahoo and EBay, the hosting locations of the top million sites are widely fragmented, with a little over 3.25% sufficient for top spot.
The dataset is presented in an Excel spreadsheet and provides a variety of different filters and selections. Using the dataset, a hosting company can identify its relative position and closest competitors in each of the top 10,000, 100,000 and million tiers of site traffic, and also by region, country, and operating system.
|
|
Related Netcraft Service: Netcraft Anti-Phishing Toolbar
Related Netcraft Service: Netcraft Anti-Phishing Toolbar
| Rackspace Managed Hosting - Web Hosting - Hosting | Swishmail.com Business Email Hosting | Compare the Best Web Hosting Companies |
| INetU Managed Hosting - Dedicated Servers | Windows Dedicated Servers from Server Intellect | Reseller hosting Managed dedicated server Ahosting |
| Business Web Hosting Services - webhosting.uk.com | Web Hosting - Dedicated Servers & VPS Hosting | Managed Hosting - PCI Compliance by NeoSpire |
Advertising on Netcraft