  1. Nigerian government hosts Halifax phishing site

    The Nigerian government's National Information Technology Development Agency is currently hosting a phishing attack against Halifax on its own website at www.nitda.gov.ng. NITDA has been notified, and the Netcraft Toolbar community (which discovered the fraudulent content) is already protected from this attack.

    Ironically, NITDA is the clearing house for IT projects in Nigeria, and establishes a set of security guidelines for the Federal Government of Nigeria in its Computer Network Architecture Standards (COMNAS) Framework. This document covers the national policy on network security and describes vulnerability scanning and penetration testing procedures which may have prevented the fraudulent content from appearing on its own website.

    Phishing sites are quite commonly hosted on government infrastructure: In July, Netcraft blocked 146 new phishing sites hosted in government domains around the world.

    Posted by Paul Mutton on 4th January, 2012 in Security

  2. January 2012 Web Server Survey

    In the January 2012 survey we received responses from 582,716,657 sites, a growth of 4.9% or 27.2M sites on last month.

    All major web server vendors have continued to gain hostnames this month with Apache, once again, achieving the largest increase of just under 16M hostnames. Despite this, Apache's market share fell by 0.3%, negating the increase experienced last month. Although Microsoft gained 1.8M sites it recorded a further drop in market share, extending a trend that dates back as far as June 2010. Conversely, nginx was the only major web server vendor to gain market share this month and set a new all-time high of 9.63%. Furthermore, it saw the second largest absolute growth with an addition of 6.9M hostnames.

    In terms of Active Sites, nginx gained 1.9M which resulted in it overtaking Microsoft to have the second largest number of Active Sites (22.2M). Apache experienced the greatest rise this month with an addition of 3.7M Active Sites, more than double the increase it recorded last month.

    Across the million busiest sites, Apache and Microsoft both lost market share this month whilst nginx and Google saw a small increase.

    [Graph: Total Sites Across All Domains, August 1995 - January 2012]

    [Graph: Market Share for Top Servers Across All Domains, August 1995 - January 2012]


    Developer  December 2011  Percent  January 2012  Percent  Change
    Apache     362,267,922    65.22%   378,267,399   64.91%   -0.30
    Microsoft  82,521,809     14.86%   84,288,985    14.46%   -0.39
    nginx      49,143,289     8.85%    56,087,776    9.63%    0.78
    Google     18,464,148     3.32%    18,936,381    3.25%    -0.07

    Posted by Netcraft on 3rd January, 2012 in Web Server Survey

  3. Most Reliable Hosting Company Sites in December 2011

    Rank  Company site           OS                   Outage (hh:mm:ss)  Failed Req%  DNS    Connect  First byte  Total
    1     Qube Managed Services  Linux                0:00:00            0.003        0.082  0.051    0.104       0.104
    2     Virtual Internet       Linux                0:00:00            0.003        0.150  0.066    0.137       0.209
    3     New York Internet      FreeBSD              0:00:00            0.003        0.130  0.068    0.138       0.411
    4     iWeb Technologies      Linux                0:00:00            0.007        0.073  0.048    0.096       0.096
    5     www.netcetera.co.uk    Windows Server 2008  0:00:00            0.007        0.033  0.065    0.132       0.264
    6     www.westhost.com       Linux                0:00:00            0.010        0.350  0.095    0.203       0.558
    7     Rackspace              F5 BIG-IP            0:00:00            0.013        0.116  0.067    0.166       0.372
    8     Datapipe               FreeBSD              0:00:00            0.017        0.071  0.013    0.019       0.034
    9     INetU                  Windows Server 2008  0:00:00            0.017        0.084  0.041    0.165       0.351
    10    Pair Networks          FreeBSD              0:00:00            0.017        0.215  0.074    0.151       0.438

    The most reliable hosting company in December was Qube Managed Services, which responded to all but one of Netcraft's requests throughout the entire month. Qube offers managed hosting, cloud hosting and managed colocation for a range of customers, with a particular interest for those in the Finance and New Media sectors. The company was founded in London in 2001, where it now has two data centers. Customers can also make use of Qube's additional data centers in New York and Zurich.

    Qube also performed well in the previous month, when it was the second most reliable hosting company.

    Virtual Internet took second place, also with only one failed request, but with a longer connection time. The UK-based company provides a content distribution network (CDN) for the Monstermind game on Facebook, and also offers a range of private and public cloud hosting on both VMware and Xen hypervisors.

    New York Internet was the third most reliable hosting company. NYI offers colocation, dedicated servers and virtual hosting from data centers in New York. The company focuses on reliability and technical support that is responsive round the clock.

    Four of December's top ten most reliable hosting company sites used Linux, while three used FreeBSD, two used Windows Server 2008, and one used F5 BIG-IP.

    Netcraft measures and makes available the response times of around forty leading hosting providers' sites. The performance measurements are made at fifteen minute intervals from separate points around the internet, and averages are calculated over the immediately preceding 24 hour period.

    From a customer's point of view, the percentage of failed requests is more pertinent than outages on hosting companies' own sites, as this gives a pointer to reliability of routing, and this is why we choose to rank our table by fewest failed requests, rather than shortest periods of outage. If the number of failed requests is equal, sites are ranked by average connection times.

    Information on the measurement process and current measurements is available.

    Posted by Netcraft on 1st January, 2012 in Hosting, Performance

  4. Phishing sites using Extended Validation SSL

    Netcraft's anti-phishing toolbar community identified a noteworthy phishing attack against PayPal in December. FasterPay – which describes itself as the UK's only safe, all-in-one Internet Banking payment service – was apparently hacked, and a subdirectory on the company's own website at www.fasterpay.co.uk was used to host a PayPal phishing site.

    The credibility of the phishing attack was enhanced by the Extended Validation SSL certificate used by the FasterPay website. This meant that any victims of the phishing attack would have been presented with the reassuring green EV indicator in (or near) the browser's address bar. This attack acts as a reminder that users must do more than merely look for the presence of an EV certificate when deciding whether or not it is safe to submit personal or financial data to a website.

    The CA/Browser Forum defines a strict set of guidelines [pdf] that a certificate authority must adhere to when issuing an Extended Validation certificate. These guidelines clearly detail the steps required to verify the identity and legitimacy of an organisation when it applies for a certificate, as well as the security processes that must be implemented by the certificate authority.

    Each certificate authority must maintain a comprehensive security program to protect all EV processes, including carrying out regular risk assessments. However, no such requirements are placed upon the owners of websites which use EV certificates, which perhaps highlights a weakness in the current guidelines.

    According to these guidelines, one of the secondary purposes of EV certificates is to address the problem of phishing, but the attack hosted by FasterPay demonstrates how this type of protection can be undermined and rendered untrustworthy – if a user is conditioned to be reassured by the presence of an EV certificate, he will be more susceptible to any phishing attack that is hosted on a site with an EV certificate. FasterPay is by no means the first EV-toting website to have exhibited a security vulnerability, which raises the question of whether the issuance guidelines for EV certificates should also require the applicant to provide similar assurances regarding the security of the website on which an EV certificate is to be deployed – for example, by carrying out regular automated vulnerability scans or manual web application security testing.

    Posted by Paul Mutton on 30th December, 2011 in Security

  5. December 2011 Web Server Survey

    In the December 2011 survey we received responses from 555,482,744 sites, giving a rise of 29.5 million (+5.6%) since last month.

    Since June all major web server vendors have continuously gained hostnames. This month Apache saw, once again, the largest increase of just over 20M hostnames, which is the largest gain for Apache in five months. The second largest growth was seen by Microsoft, with a gain of 1.2M; however, this still resulted in Microsoft losing market share. nginx, on the other hand, successfully recovered from its recent loss bringing the web server vendor to another all-time high of 8.85% market share.

    All server vendors also saw an increase in Active Sites this month. Apache experienced the largest increase with a gain of nearly 1.5M sites. Microsoft also gained 0.5M Active Sites increasing its market share advantage over its close rival nginx by 0.7 percentage points. The total number of Active Sites in our survey now stands at 175 million.

    [Graph: Total Sites Across All Domains, August 1995 - December 2011]

    [Graph: Market Share for Top Servers Across All Domains, August 1995 - December 2011]


    Developer  November 2011  Percent  December 2011  Percent  Change
    Apache     341,880,662    65.00%   362,267,922    65.22%   0.22
    Microsoft  81,261,099     15.45%   82,521,809     14.86%   -0.59
    nginx      44,731,780     8.50%    49,143,289     8.85%    0.34
    Google     17,749,748     3.37%    18,464,148     3.32%    -0.05

    Posted by Netcraft on 9th December, 2011 in Web Server Survey

  6. Sustained LiveJournal DDoS attack continues

    Blogging site LiveJournal is still being hammered by a distributed denial of service attack which started 10 days ago.

    On November 28, the LiveJournal Status website announced in both English and Russian that the site was under a DDoS attack.

    The attack appears to have continued over the past 10 days, causing some significant outages and slowdowns. Nonetheless, LiveJournal did manage to stay online throughout most of this period, although the company had to disable support for third party services such as Facebook, Twitter and Google yesterday.

    LiveJournal has been owned by Russian media company SUP since 2007, and there has been much speculation that this latest attack could be related to recent elections in Russia. LiveJournal was subjected to a series of similar attacks in March and April this year, which LiveJournal attempted to counter by upgrading their servers.

    At 13:15 UTC today, LiveJournal again confirmed that the site was up, but still under a DDoS attack.

    Posted by Paul Mutton on 7th December, 2011 in Performance
