apache news

Discussion in 'NZ Computing' started by froggy, Feb 2, 2005.

  1. froggy

    froggy Guest

    heh.. this hasnt even been slashdotted yet ( correct me if I'm wrong)
    http://news.netcraft.com front page news...
    apache now serves more than 40 million sites (68.8% of all web sites)

    microsoft webservers ( I presume they mean IIS ) come a close second
    with 20.9%

    <troll>
    hmm I wonder why no worms are released for apache... with an installed
    base like that you'd think there were a few floating about by now :p
    </troll>
    froggy, Feb 2, 2005
    #1
    1. Advertising

  2. froggy

    steven Guest

    On Wed, 02 Feb 2005 13:59:39 +1300, froggy wrote:

    > heh.. this hasnt even been slashdotted yet ( correct me if I'm wrong)
    > http://news.netcraft.com front page news...
    > apache now serves more than 40 million sites (68.8% of all web sites)
    >
    > microsoft webservers ( I presume they mean IIS ) come a close second
    > with 20.9%
    >
    > <troll>
    > hmm I wonder why no worms are released for apache... with an installed
    > base like that you'd think there were a few floating about by now :p
    > </troll>


    there is!

    they call it 'a patchy server' for a reason.


    --
    -------------------------------------
    Steven H (.net geek)
    Third Year, B.I.T. Otago Polytechnic
    steven, Feb 2, 2005
    #2
    1. Advertising

  3. froggy

    froggy Guest

    On Wed, 02 Feb 2005 15:00:21 +1300, steven wrote:

    > On Wed, 02 Feb 2005 13:59:39 +1300, froggy wrote:
    >
    >> heh.. this hasnt even been slashdotted yet ( correct me if I'm wrong)
    >> http://news.netcraft.com front page news...
    >> apache now serves more than 40 million sites (68.8% of all web sites)
    >>
    >> microsoft webservers ( I presume they mean IIS ) come a close second
    >> with 20.9%
    >>
    >> <troll>
    >> hmm I wonder why no worms are released for apache... with an installed
    >> base like that you'd think there were a few floating about by now :p
    >> </troll>

    >
    > there is!


    oops.. right you are.. I should really have googled before being a smart
    ass
    froggy, Feb 2, 2005
    #3
  4. froggy

    mario Guest

    froggy wrote:

    > oops.. right you are.. I should really have googled before being a smart
    > ass


    Better a smart ass than a dumb ass :).

    mario
    mario, Feb 2, 2005
    #4
  5. froggy

    froggy Guest

    On Wed, 02 Feb 2005 15:43:25 +1300, mario wrote:

    > froggy wrote:
    >
    >> oops.. right you are.. I should really have googled before being a smart
    >> ass

    >
    > Better a smart ass than a dumb ass :).
    >
    > mario

    now that ( being a dumbass) is something I have done a very good
    impression of from time to time...
    froggy, Feb 2, 2005
    #5
  6. froggy

    Steve Guest

    steven wrote:
    > On Wed, 02 Feb 2005 13:59:39 +1300, froggy wrote:
    >
    >
    >>heh.. this hasnt even been slashdotted yet ( correct me if I'm wrong)
    >>http://news.netcraft.com front page news...
    >>apache now serves more than 40 million sites (68.8% of all web sites)
    >>
    >>microsoft webservers ( I presume they mean IIS ) come a close second
    >>with 20.9%
    >>
    >><troll>
    >>hmm I wonder why no worms are released for apache... with an installed
    >>base like that you'd think there were a few floating about by now :p
    >></troll>

    >
    >
    > there is!
    >
    > they call it 'a patchy server' for a reason.
    >
    >

    That was a while ago, though.
    Steve, Feb 2, 2005
    #6
  7. froggy

    AD. Guest

    On Wed, 02 Feb 2005 15:00:21 +1300, steven wrote:

    > On Wed, 02 Feb 2005 13:59:39 +1300, froggy wrote:
    >> <troll>
    >> hmm I wonder why no worms are released for apache... with an installed
    >> base like that you'd think there were a few floating about by now :p
    >> </troll>

    >
    > there is!
    >
    > they call it 'a patchy server' for a reason.


    Yeah, but it wasn't that reason.

    --
    Cheers
    Anton
    AD., Feb 2, 2005
    #7
  8. In article <>,
    froggy <> wrote:

    >http://news.netcraft.com front page news...
    >apache now serves more than 40 million sites (68.8% of all web sites)
    >
    >microsoft webservers ( I presume they mean IIS ) come a close second
    >with 20.9%


    That's not a close second, that's a distant second!
    Lawrence D¹Oliveiro, Feb 2, 2005
    #8
  9. froggy

    froggy Guest

    On Wed, 02 Feb 2005 20:37:48 +1300, Lawrence D¹Oliveiro wrote:

    > In article <>,
    > froggy <> wrote:
    >
    >>http://news.netcraft.com front page news...
    >>apache now serves more than 40 million sites (68.8% of all web sites)
    >>
    >>microsoft webservers ( I presume they mean IIS ) come a close second
    >>with 20.9%

    >
    > That's not a close second, that's a distant second!


    lol.. i was being polite :p
    froggy, Feb 2, 2005
    #9
  10. "froggy" <> wrote in message
    news:p...
    > heh.. this hasnt even been slashdotted yet ( correct me if I'm wrong)
    > http://news.netcraft.com front page news...
    > apache now serves more than 40 million sites (68.8% of all web sites)
    >
    > microsoft webservers ( I presume they mean IIS ) come a close second
    > with 20.9%
    >
    > <troll>
    > hmm I wonder why no worms are released for apache... with an installed
    > base like that you'd think there were a few floating about by now :p
    > </troll>


    Reality check: Linux-based web servers are, by a huge margin, the most
    defaced on the internet http://www.zone-h.org/en/stats

    Brett Roberts
    Microsoft NZ
    Brett Roberts, Feb 2, 2005
    #10
  11. froggy

    Adder Guest

    In article <> in nz.comp on
    Wed, 02 Feb 2005 13:59:39 +1300, froggy
    <> says...
    > heh.. this hasnt even been slashdotted yet ( correct me if I'm wrong)
    > http://news.netcraft.com front page news...
    > apache now serves more than 40 million sites (68.8% of all web sites)
    >
    > microsoft webservers ( I presume they mean IIS ) come a close second
    > with 20.9%
    >
    > <troll>
    > hmm I wonder why no worms are released for apache... with an installed
    > base like that you'd think there were a few floating about by now :p
    > </troll>


    loll
    plenty of exploits affect apaceh
    Adder, Feb 2, 2005
    #11
  12. froggy

    Chris Hope Guest

    Adder wrote:

    >> <troll>
    >> hmm I wonder why no worms are released for apache... with an
    >> installed base like that you'd think there were a few floating about
    >> by now :p </troll>

    >
    > plenty of exploits affect apaceh


    So name some then that affect current Apache releases instead of just
    saying there are. I suspect there are either few or none, and probably
    the same for IIS.

    --
    Chris Hope - The Electric Toolbox - http://www.electrictoolbox.com/
    Chris Hope, Feb 2, 2005
    #12
  13. froggy

    AD. Guest

    On Thu, 03 Feb 2005 08:40:01 +1300, Brett Roberts wrote:

    > Reality check: Linux-based web servers are, by a huge margin, the most
    > defaced on the internet http://www.zone-h.org/en/stats


    Judging by that site, Linux accounted for 60% and Windows for 30% in total.

    Considering that there are now 3x as many Apache vs IIS sites, isn't that
    at least as bad news for Windows?

    --
    Cheers
    Anton
    AD., Feb 2, 2005
    #13
  14. In article <>, "Brett Roberts" <> wrote:
    >"froggy" <> wrote in message
    >news:p...

    *SNIP*
    >Reality check: Linux-based web servers are, by a huge margin, the most
    >defaced on the internet http://www.zone-h.org/en/stats
    >

    Mostly because they're used for hosted websites (almost nobody with a
    clue uses IIS for web hosting), and you have no control over what
    customers put on their sites.
    There are a number of PHP applications that are vulnerable to cross-site
    scripting, the most common defacement method. The same flaw presents on
    PHP under IIS. This makes it an application issue, not a Linux or
    Apache issue. Are we to blame IIS and Windows for poorly-written .NET
    applications?

    As froggy said, by the logic of OSS detractors (popular platforms
    attract attention from virus writers) there should be huge numbers of
    virii and worms around for Apache. There aren't. Someone could write a
    worm to automatically deface sites vulnerable through XSS, but it would
    first require a host platform - probably vulnerable Windows boxes.

    Remove the blinkers, Brett. It does you no favours.

    --
    Matthew Poole Auckland, New Zealand
    "Veni, vidi, velcro...
    I came, I saw, I stuck around"

    My real e-mail is mattATp00leDOTnet
    Matthew Poole, Feb 2, 2005
    #14
  15. AD. wrote:
    >>Reality check: Linux-based web servers are, by a huge margin, the most
    >>defaced on the internet http://www.zone-h.org/en/stats


    > Judging by that site, Linux accounted for 60% and Windows for 30% in total.
    > Considering that there are now 3x as many Apache vs IIS sites, isn't that
    > at least as bad news for Windows?


    Apache runs on Windows too, we use it here at work.
    Dave - Dave.net.nz, Feb 2, 2005
    #15
  16. froggy

    Adder Guest

    In article <ctrbbe$5dt$> in nz.comp on Wed, 02 Feb 2005
    20:57:34 GMT, Matthew Poole <> says...
    > In article <>, "Brett Roberts" <> wrote:
    > >"froggy" <> wrote in message
    > >news:p...

    > *SNIP*
    > >Reality check: Linux-based web servers are, by a huge margin, the most
    > >defaced on the internet http://www.zone-h.org/en/stats
    > >

    > Mostly because they're used for hosted websites (almost nobody with a
    > clue uses IIS for web hosting), and you have no control over what
    > customers put on their sites.


    nonsense
    you have a lot of control and can enforce security restrctions on users

    > There are a number of PHP applications that are vulnerable to cross-site
    > scripting, the most common defacement method. The same flaw presents on
    > PHP under IIS. This makes it an application issue, not a Linux or
    > Apache issue. Are we to blame IIS and Windows for poorly-written .NET
    > applications?


    > As froggy said, by the logic of OSS detractors (popular platforms
    > attract attention from virus writers) there should be huge numbers of
    > virii and worms around for Apache. There aren't. Someone could write a
    > worm to automatically deface sites vulnerable through XSS, but it would
    > first require a host platform - probably vulnerable Windows boxes.
    >
    > Remove the blinkers, Brett. It does you no favours.
    >
    >
    Adder, Feb 2, 2005
    #16
  17. froggy

    AD. Guest

    On Thu, 03 Feb 2005 09:58:29 +1300, Dave - Dave.net.nz wrote:

    > AD. wrote:
    >>>Reality check: Linux-based web servers are, by a huge margin, the most
    >>>defaced on the internet http://www.zone-h.org/en/stats

    >
    >> Judging by that site, Linux accounted for 60% and Windows for 30% in
    >> total. Considering that there are now 3x as many Apache vs IIS sites,
    >> isn't that at least as bad news for Windows?

    >
    > Apache runs on Windows too, we use it here at work.


    I've used it too, and I took account of that by saying "at least as bad".

    Do you really consider a statistically significant number of production
    web servers run Apache on Windows? Enough to account for the discrepancy
    between the two numbers?

    Especially considering what a pain in the ass Apache is to manage on
    Windows. 3rd party PHP or CGI Perl stuff never works quite as easily. Also
    using Apache on Linux means that patches can be nicely handled through
    apt-get or similar mechanisms from distros, while on Windows it means
    downloading and installing a whole new copy and merging your existing
    config into it - there was no upgrade option last time I looked (around
    2.0.48 or so).

    It might be ok on intranets, but you'd be mad to use it on the internet.

    --
    Cheers
    Anton
    AD., Feb 2, 2005
    #17
  18. froggy

    Axel Guest

    Adder wrote:
    > In article <ctrbbe$5dt$> in nz.comp on Wed, 02 Feb 2005
    > 20:57:34 GMT, Matthew Poole <> says...
    >
    >>In article <>, "Brett Roberts" <> wrote:
    >>
    >>>"froggy" <> wrote in message
    >>>news:p...

    >>
    >>*SNIP*
    >>
    >>>Reality check: Linux-based web servers are, by a huge margin, the most
    >>>defaced on the internet http://www.zone-h.org/en/stats
    >>>

    >>
    >>Mostly because they're used for hosted websites (almost nobody with a
    >>clue uses IIS for web hosting), and you have no control over what
    >>customers put on their sites.

    >
    >
    > nonsense
    > you have a lot of control and can enforce security restrctions on users
    >
    >


    But its up to admins to exercise that control correctly
    The figures tell the story

    By attack method:
    Configuration / admin mistake 31%
    Known vulnerability (unpatched) 24.8%
    Undisclosed 21.3%
    Brute force attack 12.7%
    Social Engineering 5.9%
    Axel, Feb 2, 2005
    #18
  19. froggy

    froggy Guest

    On Thu, 03 Feb 2005 08:40:01 +1300, Brett Roberts wrote:

    > "froggy" <> wrote in message
    > news:p...
    >> heh.. this hasnt even been slashdotted yet ( correct me if I'm wrong)
    >> http://news.netcraft.com front page news...
    >> apache now serves more than 40 million sites (68.8% of all web sites)
    >>
    >> microsoft webservers ( I presume they mean IIS ) come a close second
    >> with 20.9%
    >>
    >> <troll>
    >> hmm I wonder why no worms are released for apache... with an installed
    >> base like that you'd think there were a few floating about by now :p
    >> </troll>

    >
    > Reality check: Linux-based web servers are, by a huge margin, the most
    > defaced on the internet http://www.zone-h.org/en/stats
    >
    > Brett Roberts
    > Microsoft NZ


    Reality check: Apache isnt a Linux-Based webserver ( it runs on BSDs' ,
    Windows, Linux, Apple, Solaris, Netware, perhaps more)
    froggy, Feb 2, 2005
    #19
  20. Axel wrote:
    >> nonsense
    >> you have a lot of control and can enforce security restrctions on users


    > But its up to admins to exercise that control correctly
    > The figures tell the story
    > By attack method:
    > Configuration / admin mistake 31%
    > Known vulnerability (unpatched) 24.8%
    > Undisclosed 21.3%
    > Brute force attack 12.7%
    > Social Engineering 5.9%


    I would have thought that social engineering would have been higher than
    brute force... I guess people are smarter than I thought.
    Dave - Dave.net.nz, Feb 2, 2005
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Silverstrand

    Beginners Guides: Website Hosting With Apache

    Silverstrand, Oct 24, 2005, in forum: Front Page News
    Replies:
    0
    Views:
    769
    Silverstrand
    Oct 24, 2005
  2. tejlor
    Replies:
    0
    Views:
    1,319
    tejlor
    Jan 16, 2004
  3. jda^fx

    mcafee/apache conflict

    jda^fx, Jul 18, 2003, in forum: Computer Support
    Replies:
    1
    Views:
    1,609
    °Mike°
    Jul 18, 2003
  4. SunYau

    Help in Install Apache 2.0!!

    SunYau, Dec 29, 2003, in forum: Computer Support
    Replies:
    2
    Views:
    369
  5. 7
    Replies:
    4
    Views:
    380
Loading...

Share This Page