Attacks resume against US Department of Justice

The United States Department of Justice appears to be under attack for the second time since the popular Megaupload file sharing site was taken down. The group Anonymous appears to be carrying out this latest attack in protest against the Anti-Counterfeiting Trade Agreement (ACTA)

In its Mega Song music video, which was released last month, Megaupload claimed the site had 1 billion users and accounted for 4% of all traffic on the internet. was the 77th busiest site according to the Netcraft Toolbar. The company's main website was hosted by Carpathia Hosting, but now displays an FBI anti-piracy warning hosted by Amazon. The warning explains, "This domain name associated with the website has been seized pursuant to an order issued by a U.S. District Court." Despite the static nature of the warning page, it appears to have struggled with the amount of traffic it was receiving over the weekend:

“Operation Italy” takes down government website

Plans by Anonymous to launch a distributed denial of service attack against were changed half an hour before the attack was scheduled to commence. The group used IRC, Twitter, Pastebin and image sharing sites to advertise the attack a day before it was due to start, but the surprise change meant that unexpectedly ended up bearing the brunt of the attack.

The DDoS attack against was immediately successful, with the site becoming inaccessible from 14:00 UTC on Thursday. The attack appeared to subside a few hours later and the site is now functioning normally with no apparent changes to its infrastructure.

After seeing how easily its "lulzcannon" were able to take down, some members of Anonymous called for the original target,, to be attacked as well. It was not apparent how many people took part in this secondary attack, but it appeared to have a minimal impact on the site's availability:

Attacks continue against Finnish anti-piracy website

Finnish anti-piracy organisation TTVK is still under attack after it successfully applied for one of the country's largest ISPs to block access to the popular bittorrent tracker, The Pirate Bay. The Helsinki District Court ordered Elisa Oyj to implement the block, and Elisa responded by appealing the decision to the Helsinki Court of Appeal.

In protest against the block, AnonFinland called for its supporters to "fire their cannons" at the TTVK's website, which quickly succumbed to the attack. Anonymous has issued similar calls to arms in the past – most notably towards the end of 2010, when WikiLeaks supporters successfully used the LOIC tool (Low Orbit Ion Cannon) to attack the websites of Visa, MasterCard and PayPal.

Shortly after calling for the site to be attacked, AnonFinland tweeted a now-customary "tango down" message, signifying that the attack had succeeded. With a Netcraft site rank of only 435586, it is likely that was typically not accustomed to large volumes of traffic. This, coupled with the fact that the site does not make use of a CDN to increase redundancy or reduce network latency, may have made the organisation an easy target. – which is coincidentally hosted by Elisa Oyj – was still down at the time of publication.

Nigerian government hosts Halifax phishing site

The Nigerian government's National Information Technology Development Agency is currently hosting a phishing attack against Halifax on its own website at NITDA has been notified, and the Netcraft Toolbar community (which discovered the fraudulent content) is already protected from this attack.

Ironically, NITDA is the clearing house for IT projects in Nigeria, and establishes a set of security guidelines for the Federal Government of Nigeria in its Computer Network Architecture Standards (COMNAS) Framework. This document covers the national policy on network security and describes vulnerability scanning and penetration testing procedures which may have prevented the fraudulent content from appearing on its own website.

Phishing sites are quite commonly hosted on government infrastructure: In July, Netcraft blocked 146 new phishing sites hosted in government domains around the world.

January 2012 Web Server Survey

In the January 2012 survey we received responses from 582,716,657 sites, a growth of 4.9% or 27.2M sites on last month.

All major web server vendors have continued to gain hostnames this month with Apache, once again, achieving the largest increase of just under 16M hostnames. Despite this, Apache's market share fell by 0.3%, negating the increase experienced last month. Although Microsoft gained 1.8M sites it recorded a further drop in market share, extending a trend that dates back as far as June 2010. Conversely, nginx was the only major web server vendor to gain market share this month and set a new all-time high of 9.63%. Furthermore, it saw the second largest absolute growth with an addition of 6.9M hostnames.

In terms of Active Sites, nginx gained 1.9M which resulted in it overtaking Microsoft to have the second largest number of Active Sites (22.2M). Apache experienced the greatest rise this month with an addition of 3.7M Active Sites, more than double the increase it recorded last month.

Across the million busiest sites, Apache and Microsoft both lost market share this month whilst nginx and Google saw a small increase.

Total Sites Across All Domains
August 1995 - January 2012

Total Sites Across All Domains, August 1995 - January 2012

Market Share for Top Servers Across All Domains
August 1995 - January 2012

Graph of market share for top servers across all domains, August 1995 - January 2012

DeveloperDecember 2011PercentJanuary 2012PercentChange
Continue reading

Most Reliable Hosting Company Sites in December 2011

Rank Company site OS Outage
DNS Connect First
1 Qube Managed Services Linux 0:00:00 0.003 0.082 0.051 0.104 0.104
2 Virtual Internet Linux 0:00:00 0.003 0.150 0.066 0.137 0.209
3 New York Internet FreeBSD 0:00:00 0.003 0.130 0.068 0.138 0.411
4 iWeb Technologies Linux 0:00:00 0.007 0.073 0.048 0.096 0.096
5 Windows Server 2008 0:00:00 0.007 0.033 0.065 0.132 0.264
6 Linux 0:00:00 0.010 0.350 0.095 0.203 0.558
7 Rackspace F5 BIG-IP 0:00:00 0.013 0.116 0.067 0.166 0.372
8 Datapipe FreeBSD 0:00:00 0.017 0.071 0.013 0.019 0.034
9 INetU Windows Server 2008 0:00:00 0.017 0.084 0.041 0.165 0.351
10 Pair Networks FreeBSD 0:00:00 0.017 0.215 0.074 0.151 0.438

See full table

The most reliable hosting company in December was Qube Managed Services, which responded to all but one of Netcraft's requests throughout the entire month. Qube offers managed hosting, cloud hosting and managed colocation for a range of customers, with a particular interest for those in the Finance and New Media sectors. The company was founded in London in 2001, where it now has two data centers. Customers can also make use of Qube's additional data centers in New York and Zurich.

Qube also performed well in the previous month, when it was the second most reliable hosting company.

Virtual Internet took second place, also with only one failed request, but with a longer connection time. The UK-based company provides a content distribution network (CDN) for the Monstermind game on Facebook, and also offers a range of private and public cloud hosting on both VMware and Xen hypervisors.

New York Internet was the third most reliable hosting company. NYI offers colocation, dedicated servers and virtual hosting from data centers in New York. The company focuses on reliability and technical support that is responsive round the clock.

Four of December's top ten most reliable hosting company sites used Linux, while three used FreeBSD, two used Windows Server 2008, and one used F5 BIG-IP.

Netcraft measures and makes available the response times of around forty leading hosting providers' sites. The performance measurements are made at fifteen minute intervals from separate points around the internet, and averages are calculated over the immediately preceding 24 hour period.

From a customer's point of view, the percentage of failed requests is more pertinent than outages on hosting companies' own sites, as this gives a pointer to reliability of routing, and this is why we choose to rank our table by fewest failed requests, rather than shortest periods of outage. In the event the number of failed requests are equal then sites are ranked by average connection times.

Information on the measurement process and current measurements is available.