1. Widespread Outages for World of Warcraft

    World of Warcraft is experiencing lengthy downtime, and blaming its service provider for the outages. The virtual world, which now has more than 6 million users, also announced emergency maintenance outages overnight on a large number of game servers (known as "realms").

    "We'd like to make all players aware that at this time our internet service provider is experiencing significant complications, and as a result the playability on a large portion of realms has been adversely affected," said a message from Epifanio, Senior Game Master, on the WoW forums.. "Symptoms include but are not limited to lag, random disconnections and slow authentication. Our network technicians are doing everything in their power to work with our ISP so that this issue may be resolved as swiftly as possible."

    World of Warcraft is hosted by AT&T, which houses servers for the game at data centers in Los Angeles and Redwood City, Calif., and Ashburn, Va. The outages affected the worldofwarcraft.com web site as well as the game servers, as shown in our uptime chart:

    World of Warcraft web site performance

    A dynamically updating chart of World of Warcraft's web site performance is available here. Netcraft offers a web site performance monitoring service that provides similar charts, along with e-mail alerts when an outage occurs.

    (more...)

    Posted by Rich Miller on 25th March, 2006 in Performance

  2. Bot Authors Targeting phpBB Forums

    Bots are registering user accounts on thousands of phpBB forums across the Internet, raising concerns that the bot's authors are laying the groundwork for mass exploitation down the road. The activity of a bot named FuntKlakow was discussed in a Digg thread Sunday, with many forum owners confirming that FuntKlakow had created accounts and even posted simplistic messages ("O How nice" and "Wow that is cool").

    FuntKlakow's post signatures have included links to proxy surfing and "traffic generator" services, raising the prospect that its goal may be spam rather than exploits. But as noted on a German site that issued an early warning about the bot's behavior, "the next time the phpBB announces a critical vulnerability, the bot would have everything ready (just a post click away) from attacking thousands of sites/forums." Google searches suggested the bot may have created accounts on as many as 33,000 forums.

    (more...)

    Posted by Rich Miller on 20th March, 2006 in Security

  3. Chinese Bank’s Server Used in Phishing Attacks on US Banks

    A web server belonging to a state-operated Chinese bank is hosting phishing sites targeting U.S. banks and financial institutions. Phishing e-mails sent on Saturday (March 11) targeting customers of Chase Bank and eBay were directed to sites hosted on ip addresses assigned to The China Construction Bank (CCB) Shanghai Branch. The phishing pages are located in hidden directories with the server's main page displaying a configuration error. This is the first instance we have seen of one bank's infrastructure being used to attack another institution.

    The attack on Chase offers recipients the chance to earn $20 by filling out a user survey which presents a series of questions about the usability of the Chase online banking site, followed by a request for user ID and password, so the $20 "reward" can be deposited to the proper account. The form also requests the victim's bankcard number, PIN number, card verification number, mother's maiden name and Social Security number. Any data submitted is then sent to a free form processing service (free.allforms.mailjol.net) operated by an Indian company but hosted in the U.S. at NetAccess.

    Phishing Page on China Construction Bank Web Server

    (more...)

    Posted by Rich Miller on 12th March, 2006 in Security

  4. Hackers Targeting Mambo Security Holes

    Hackers are actively seeking out unpatched versions of the Mambo content management system, which recently repaired a serious security hole. The latest exploit attempts target a different vulnerability than the Mare.D worm, which grabbed headlines last month but apparently did limited damage to Mambo sites. Sites running on Mambo should upgrade to the latest version as soon as possible.

    On Feb. 24 James Bercegay of GulfTech Security Research announced vulnerabilities in Mambo that could allow a server compromise by a remote attacker, including several methods of an SQL injection attack. Bercegay also found a way for attackers to use Mambo's file inclusion features to breach system security. Last July Bercegay discovered a weakness in XML-RPC libraries used by numerous PHP-based blogging and content management apps.

    (more...)

    Posted by Rich Miller on 10th March, 2006 in Security

  5. March 2006 Web Server Survey

    In the March 2006 survey we received responses from 77,568,868 sites, an increase of 1.38 million from February 2006. This month's hostname growth has a somewhat speculative flavor, as the survey found nearly 2.8 million new hostnames this month, but just 237K new active sites. That ratio of one active site for every 12 hostnames is much lower than in recent months (in September 2005 the ratio was one in five).

    That means a larger percentage of new domains are being parked, rather than used on active web sites. The trend is likely connected to media coverage of domain investing, which appears to have prompted a surge in speculative buying. That means more domains are being bought for resale or ad revenue, rather than for use with web sites.

    Infrastructure changes at huge hosting providers once again influence web server market share. Apache gains 1.5 million hostnames this month, including more than 950K at Go Daddy which had been reclassified in January to "Unknown" due to changes in the front-end system used in Go Daddy's bulk hosting service. That shift helps Apache regain 0.7 percent market share, with other servers showing little change this month.

    Total Sites Across All Domains August 1995 - March 2006

    Total Sites Across All Domains, August 1995 - March 2006

    Graph of market share for top servers across all domains, August 1995 - March 2006

    Top Developers
    DeveloperFebruary 2006PercentMarch 2006PercentChange
    Apache5181067668.015328729868.700.69
    Microsoft1566670220.561591242720.51-0.05
    Sun18803132.4718815872.43-0.04
    Zeus5791980.765746070.74-0.02

    (more...)

    Posted by Netcraft on 6th March, 2006 in Web Server Survey

  6. New Reseller Service Offers Utility Computing for $100 a Month

    Mosso Inc. wants to bring affordable utility computing to the masses - or at least to web designers and developers. The start-up, which is backed by Rackspace Managed Hosting, has just launched an innovative reseller hosting service that offers unlimited websites, databases and e-mail accounts in a turnkey service for just $100 a month.

    Mosso uses a "hosting system" of clusters of specialized servers, an approach typically seen in enterprise hosting, which can offer advantages in redundancy and performance. The company was built from the ground-up as an alternative to discount dedicated servers, which have been enormously popular with hosting resellers and power users.

    Mosso's $100 a month reseller account comes with 80 gigabytes of storage space and 2,000 gigs of monthly data transfer. Customer support and billing are available as paid add-ons, allowing customers to outsource both services for just $5 per domain per month. Traffic load balancing and mitigation of denial of service attacks are included in each account, along with the ability to combine Windows and open source technologies on a web site, running ASP and PHP pages from the same web directory. There are significant differences with dedicated server solutions as well, as Mosso offers FTP uploads but not shell or root access.

    (more...)

    Posted by Rich Miller on 4th March, 2006 in Hosting