DDoS Attacks Hobble E-commerce, Security Sites

Digital vandals using distributed denial of service (DDoS) attacks are proving effective in driving e-commerce and security sites offline, and even out of business. The recent attacks show the DDoS becoming a potent weapon against sites with limited resources to defend their sites or pay overusage fees from attack-related bandwidth consumption.

Authorize-It, a Kentucky firm processing online credit card transactions, says it was knocked offline for a week by a DDoS extortion scheme. The attack occurred in mid-April, roughly the same time another online card processor, 2Checkout, was also hobbled by a DDoS blackmail plot. Both 2Checkout and Authorize-It serve the small business e-commerce market.

Continue reading

What future for Google?

As a previous column noted, Google represents the culmination of the first Web search engine era. Its rise was due in part to a reaction against the portals and their increasingly baroque attempts to shoe-horn links to huge chunks of the Net into a single Web page. Google is simultaneously the ultimate portal and an anti-portal, with a studiedly minimalist home page (even if the logo varies).

Google has entered the language, the souls and the bookmarks of the world - probably most regular users of the Internet have made Google their browser's start page. Already an essential part of our Zeitgeist, the question is: What new Google will emerge in the wake of its IPO later this year?

Continue reading

SAVVIS Tops April Hosting Growth With Gains From C&W

SAVVIS Communications grew by more than 800 percent in April as it integrated the U.S. hosting assets of Cable & Wireless, which it purchased in a February bankruptcy court auction for $155 million. The shift of more than 350k hostnames from C&W to SAVVIS is one of the largest distress sales to result from the collapse of the telecom/dot-com market.

But that huge block of hostnames doesn't equate to nearly that many accounts. Over 161K of those hostnames belong to Fabulous.com, and 60K to Domain Active. At the time of auction, C&W's 1,00 hosting customers included General Electric, Starbucks, Office Max, CBS Sportsline and Slashdot.

Top Hosting Providers By Growth, March 04 to April 04
Hosting Company Mar 04 Apr 04 Growth %
SAVVIS Communications 48,043 434,575 386,532 804.6% America
GoDaddy Inc 2,056,231 2,163,143 106,912 5.2% America
The Planet 229,829 292,527 62,698 27.3% America
Forest.net 116,380 177,456 61,076 52.58% America
KT Corporation 125,513 177,839 52,326 41.78% S. Korea
Telus 185,724 233,830 48,106 25.9% Canada
EV1Servers 743,309 779,391 36,082 4.9% America
China Telecom 104,158 138,131 33,973 32.6% China

Continue reading

Interview: Brian Behlendorf, co-founder of Apache

Brian Behlendorf co-founded the Apache Web Server Project and was the first Chief Engineer at Wired Magazine. He also co-founded the web design firm Organic Online and CollabNet, where Behlendorf now serves as CTO. He talks to Rich Miller about Apache's growth, the SCO case's unexpected benefits for open source, and changing the world through software.

Q. It's been a year of big gains for Apache, which now runs more than two-thirds of the sites on the Web, according to the Netcraft Web Server Survey, erasing inroads by Microsoft during 2001. What's your take on Apache's continuing gains?

A. I could speculate all day long as to why it's continued to grow, and I'd love to see a real survey done on it. Anecdotally, my take is that I imagine most of the growth continues to be either with the small mom-n-pop companies, or web hosting ISPs, or internationally - all places where price sensitivity is high, where the economic downturn is still causing budgets to be hurt, and there's willingness to consider an Open Source approach to solving a given problem. No doubt the security holes in IIS have continued to plague its reputation, and while there have been some noticed recently (and fixed) in Apache, they have been much less serious. Finally, I imagine the rise of related Apache projects, like the continued rise in use of mod_perl and Tomcat and our friends over at PHP, have only increased the confidence in using the web server for mission-critical situations.

Q. What's your take on the long-term impact of the SCO lawsuits? What changes - positive and negative - do you see it producing for Linux and the open source community?

A. I'm assuming that thanks to the BayStar callback that this lawsuit is nearly dead. Of course SCO, could sue their own financial backers and prolong this further, but it feels like we're seeing the beginning of the end. But while it was alive, it did a lot for Open Source in some unexpected ways. The community at large had taken a largely see-no-evil, hear-no-evil approach to issues around IP ownership, clearance of rights, that sort of thing, except for a few organizations like the FSF and the Apache Software Foundation who actually put effort into collecting license agreements from contributors. Now, developers are more aware than ever that getting a clean history for code matters a great deal.

Continue reading

Sasser, Phatbot May Make LSASS Flaw An Enduring Headache

The malware community's refinements of the Sasser worm and Phatbot trojan may make the Windows LSASS security hole a more enduring security headache, with new Sasser variants appearing while Phatbot expands "botnets" to launch Spam and denial of service attacks.

Four days after Sasser's release, it appears the limited effectiveness of the inital version was likely due to its coding, rather than improved patching of Windows products. Infections grew as new variants were released Sunday and Monday. With Sasser now at version D, media have identified numerous organizations reporting compromised systems, including American Express, Goldman Sachs, Australia's Westpac Bank, Finnish financial company Sampo and British Coast Guard stations. Microsoft reports that 1.5 million users downloaded its cleanup tool via Windows Update, explaining that site's slow performance Monday.

Continue reading

Most Reliable Hosting Providers during April

Ranking by Failed Requests and Connection time,
April 1st - 30th 2004


During April, Jumpline, a hosting company which specialises in Virtual Private Server [VPS] solutions, was the most reliable of the hosting company sites we monitor. Second placed was Energis, the UK telco and high end hosting provider, and third was Komplex, the German hosting company which was top during March.

Notably, this month five of the top ten sites were running Linux. This is first time since the performance analysis of hosting company sites started that Linux has been the leading operating system for site reliability. Until now FreeBSD had without exception been the most common operating system amongst the top ten each month. However, this month, the top ten comprises five sites running Linux, three running FreeBSD and one each running OpenBSD and Windows, with Energis running Windows and Secure Dog running OpenBSD.

Continue reading