May 2004 Web Server Survey Finds 50 Million Sites

We now find more than 50 million web sites on the Internet, as the May 2004 survey received http responses from 50,550,965 sites. The milestone caps a period of revived growth for the Internet, coming just 13 months after the survey crossed the 40-million mark in April, 2003. By comparison, it took 21 months for the Web to expand from 30 million to 40 million sites.

May was the 16th consecutive month of growth for the Web after a two-year shakeout to absorb the collapse of the dot-com and telecom industries. The upward trend resumed in February 2003, when we detected 35.8 million sites; about the same number as the Dec. 2001 survey.

The rebound in total sites tracks the recovery of the larger Internet economy, as viable companies and business models have emerged from the wreckage of the Internet bubble. Common to the Internet Economy 2.0 is a focus on efficiency and cost management that was largely absent during the boom years of 1998-2000. Recent months have seen reports of strong growth for online ad spending, paid subscription sites, online retail spending, and even modest revivals in venture capital investment and dot-com hiring. On the M&A front, TechDealmaker reported 35 Internet-related acquisitions for the week of April 22-28, valued at $1.5 billion. And, on Thursday Google announced its long-awaited stock offering, leading a pack of web companies readying IPOs.

The first Netcraft survey in August 1995 found 18,957 hosts. Previous milestones in the survey were reached in April 1997 (1 million sites), February 2000 (10 million), September 2000 (20 million) and July 2001 (30 million).

Graph of market share for top servers across all domains, August 1995 - May 2004

Top Developers
Developer April 2004Percent May 2004Percent Change

Continue reading

Sasser Worm Spreading Through LSASS Exploit

The Sasser worm began spreading among unpatched Windows computers today, exploiting a known security hole in LSASS. While Sasser uses similar mechanics as earlier mega-worms Slammer and Code Red, Sasser thus far doesn't appear to be the dramatic event anticipated by worm-wary security firms.

F-Secure reports that the new worm attacks through TCP port 445 (Windows networking), spreads itself through an FTP server on port 5554, and leaves port 9996 open for future exploits. Sasser has received a level 3 rating from Symantec, the middle of its five-point alert scale. Secunia also perceives Sasser as a medium threat, and The Internet Storm Center moved to yellow alert condition, but cautioned that "the exact impact is not clear at this point."

Continue reading

Faulty Site Redesign Leads Tower to Settle With Regulators

As Internet security threats multiply, redesigns of e-commerce sites can introduce a lot more than a sleek new user interface. Tower Records recently settled charges with the U.S. Federal Trade Commission, which sued the company last year after a redesign of its online music store introduced security holes that exposed customers' personal information.

The lapse violated federal law as well as Tower's privacy policy, according to the FTC, which warned that online merchants and banks will be held accountable for lax security auditing of redesigns. "In a fast moving world of electronic commerce, change is inevitable," said Howard Beales, Director of the FTC’s Bureau of Consumer Protection. "Companies must have reasonable procedures in place to make sure that changes do not create new vulnerabilities." The consent agreement requires Tower to have its web site audited by third-party security professionals every two years for the next 10 years. Continue reading

Cisco Uses Linux in Enterprise Content Caching System

While the open source community works on developing affordable substitutes for Cisco routers, Cisco itself is using Linux to power its Application and Content Networking System (ACNS), a caching and content delivery product for enterprise companies.

ACNS allows an IT staff to manage the flow of complex applications, audio and video over Cisco devices on a large network, with customers including Reuters, Siemens Medical Solutions and the U.S. Department of Veterans Affairs.

"ACNS has been based on a Cisco-modified version of Linux since its initial release," said Cisco spokesman Charles Sommerhauser. "There were earlier generations of related products that also ran on this OS. We use Linux on some of our products in order to integrate Linux-based applications."

Continue reading

Microsoft SSL Patch Crashes Some Win2K Systems

The Windows MS04-011 security patch includes a bug that crashes some Windows 2000 machines, according to Microsoft. Nearly 39 percent of web-facing SSL servers are running Windows 2000, according to our March SSL Survey, making it the most widely deployed operating system for SSL systems by a margin.

The security update, arguably one of the most critical Windows security fixes ever, addresses 14 separate security holes. Among them is a Windows SSL vulnerability targeted by several published exploits, which has raised concerns of a major Internet security event. The PCT and SSL 2.0 protocols targeted by the exploit are enabled by default in Win2K.

Continue reading

Protracted Availability problems for

The web site is experiencing the latest in a series of outages, which began April 24 and have intensified since Tuesday, with the site either exhibiting very slow response times or being unreachable. The duration of the performance problems is unusual for a network provider the size of (previously Metromedia Fiber Network). The company has not yet responded to an inquiry about its site performance.

AboveNet site performance

Our Hosting Provider Network Performance summary provides current information on the uptime for web sites of major hosting companies.