HMRC phishing site hosted on domain

An ongoing phishing attack against UK taxpayers is being given additional credibility by using a domain. Sefton Council is hosting the phishing content on its Novel GroupWise 7.0 site at

The phish follows one of the typical ploys commonly seen in HMRC and IRS phishing attacks: The victim is led to believe that they can receive a tax refund by submitting their full credit card details, but these details are instead sent directly to the fraudster behind the attack.


The fraudulent form submits the victim's details to a PHP script hosted at


The UK's Central Office of Information is responsible for deciding who can register domains. Eligibility is strictly limited, which helps to preserve the integrity of the namespace; however, this obviously has an undesirable effect when this integrity is leveraged by fraudulent content on compromised servers. Netcraft has informed Sefton Council about this phishing attack.

Netcraft provides an Automated Vulnerability Scanning service which regularly tests your internet infrastructure, supplies the information you need to maintain your security and eliminate vulnerabilities, and audits that it has found no serious vulnerabilities using a dynamically generated seal.

August 2009 Web Server Survey

In the August 2009 survey we received responses from 225,950,957 hostnames — 13.7M less than in July.

Much of the drop this month is due to the expiry of a large number of sites at The Planet, including 5 million sites in the .pl top-level domain all on one IP address, which were believed to be part of a linkfarm.

Lighttpd Sites

Lighttpd had a significant gain this month, rising to over two million sites, just under 1% of the survey. Lighttpd is a webserver designed for high performance environments. It has a small memory footprint, a large feature set and is licensed under a revised BSD license. Originally written by Jan Kneschke, Lighttpd is now maintained by a small team of developers, and now hosts a large number of popular and high traffic sites, including and the controversial Pirate Bay.

Total Sites Across All Domains August 1995 - August 2009

Total Sites Across All Domains, August 1995 - August 2009

Graph of market share for top servers across all domains, August 1995 - August 2009

Top Developers
DeveloperJuly 2009PercentAugust 2009PercentChange

Continue reading Compromised has been offline for 3 hours this morning, after one of their servers was compromised. Their sites were displaying the message:


The message goes on to say that the compromise is "not due to any software exploits in Apache itself", but was instead due to a compromised SSH key.

Update: Most of's sites have been back online this afternoon after they switched over to servers not compromised in the attack. Apache have released more information about the incident: an account used for backups was compromised on a back-end server. This server distributes content to Apache's public web servers, so the attackers used it to distribute scripts to the web servers; once the scripts were public, the attackers could execute them remotely, gaining access to the web servers as well. But these rogue processes were detected, so the servers were taken offline for investigation and clean-up.

Continue reading

Most Reliable Hosting Company Sites in July 2009

Rank Company site OS Outage
DNS Connect First
1 Windows 2000 0:00:00 0.010 1.197 0.039 0.119 0.353
2 New York Internet FreeBSD 0:00:00 0.010 0.123 0.071 0.148 0.362
3 Virtual Internet Linux 0:00:00 0.010 2.505 0.102 0.283 0.534
4 Hosting 4 Less Linux 0:00:00 0.010 0.296 0.105 0.215 0.428
5 DataPipe unknown 0:00:00 0.014 0.416 0.024 0.049 0.049
6 Swishmail FreeBSD 0:00:00 0.014 2.371 0.033 0.066 0.157
7 INetU unknown 0:00:00 0.014 1.246 0.088 0.184 0.414
8 Windows Server 2003 0:00:00 0.019 1.368 0.079 0.161 0.383
9 Pair Networks FreeBSD 0:00:00 0.019 0.993 0.093 0.189 0.468
10 Server Intellect Windows Server 2008 0:00:00 0.019 1.090 0.112 0.227 0.455

See full table, New York Internet, Virtual Internet and Hosting 4 Less had the most reliable hosting company sites in July 2009, with each site only failing to respond to a single request from our performance monitors.

This is's first appearance as joint number one. is the only company in this month's top ten whose site is served by Microsoft IIS/5.0. offers a variety of Linux, Windows and eCommerce hosting packages, as well as managed email and domain name registration, and web design services.

This month is New York Internet's fifth at the top of the table this year. They also made the number one spot in January, February, April and May. New York Internet offer colocation, dedicated servers, disaster recovery, web hosting, E-mail, DSL access and managed services.

This is the second month this year in which Virtual Internet has been joint first, and it has stayed in the top ten since April. Virtual Internet offer managed and cloud hosting as well as managed messaging and collaboration services.

Hosting 4 Less are one of the most reliable hosting companies for the third time this year, after coming joint first in March and April. Hosting 4 Less are based in California, and offer web, FTP and eCommerce hosting. They also run backup4less, an online backup service.

This month's top ten sees three company sites using Windows (including Windows Server 2008, 2003 and 2000), as well as three running FreeBSD and two running Linux.

Continue reading

July 2009 Web Server Survey

In the July 2009 survey we received responses from 239,611,111 sites, an increase of around 1.5 million sites from last month. There was a substantial increase in sites on Google's Blogger service, which had 2.2 million more sites in use this month.

Although Microsoft loses active sites overall this month, Microsoft-IIS/7.0 — shipped with Windows Server 2008 and Vista — continues to grow, passing 3 million sites (with 2 million active sites) this month. 2.4 million of these IIS/7.0 sites are in the United States.

nginx had another strong month, gaining over 300,000 active sites at China Unicom and another 100,000 active sites due to continued growth at

Total Sites Across All Domains August 1995 - July 2009

Total Sites Across All Domains, August 1995 - July 2009

Graph of market share for top servers across all domains, August 1995 - July 2009

Top Developers
DeveloperJune 2009PercentJuly 2009PercentChange

Continue reading

DataPipe had the Most Reliable Hosting Company Site in June 2009

Rank Company site OS Outage
DNS Connect First
1 DataPipe FreeBSD    0.000  1.230 0.008 0.017 0.018
2 New York Internet FreeBSD  0:00:00  0.005  0.129 0.060 0.124 0.272
3 unknown  0:00:00  0.005  0.309 0.063 0.132 0.198
4 iWeb Technologies Linux  0:00:00  0.005  1.329 0.076 0.152 0.221
5 Ltd. FreeBSD  0:00:00  0.005  0.748 0.107 0.676 1.016
6 Inc Windows Server 2003  0:00:00  0.005  0.353 0.112 0.229 1.269
7 INetU unknown  0:00:00  0.010  1.518 0.063 0.134 0.279
8 Swishmail FreeBSD  0:00:00  0.010  0.616 0.074 0.149 0.313
9 Virtual Internet Linux  0:00:00  0.015  1.796 0.058 0.174 0.320
10 Linux  0:00:00  0.015  2.205 0.064 0.555 0.698

See full table

DataPipe had the most reliable hosting company site in June 2009. The company's site responded without fail to every request made by Netcraft's performance collectors throughout the month.

This is DataPipe's second appearance at the top so far this year. Jersey City based DataPipe has established partnerships with Cisco, FreeBSD, HP, Microsoft, Oracle, Red Hat, Sun, and VMware, and its commitments to customer service were recognised in this year's Stevie Awards, where the company was listed as a finalist in the Customer Service Department of the Year - IT & Telecommunications category. The company has more than 1,500 customers in six data centres and eight business office locations in the United States, the United Kingdom and China.

Among June's top ten hosting company sites, four companies (including DataPipe) run their sites on FreeBSD. Three other companies run their sites on Linux, while the remaining identifiable operating systems is Windows Server 2003.

Continue reading