main
Report a problem

Google: Percentagewise, IIS Serves Up Most Malware

Slimy   on 07 June 2007 - 23:08 · 14 comments & 6362 views

Advertisement (Why?)
In surveying some 80 million domain names, Google has found that nearly half (49 percent) of the world's malware is coming from only 23 percent of its servers—those being Microsoft's IIS servers. In Google's security blog on June 5, an Anti-Malware Team member reported that IIS and Apache (also at 49 percent) evenly split up the malware served, even though Apache makes up almost three times the number of Web servers out there. The remaining 2 percent of malware is served up by "other" servers, Google says.

Overall, Google found that 66 percent of all Web servers examined—not just those serving malware—are Apache servers. IIS servers constitute 23 percent of all servers, nginx accounts for 4 percent and "other" accounts for 7 percent. Netcraft's May 2007 Web server survey pegs Apache at only 56 percent of the Web servers out there, and Windows at 31.5 percent, out of 118,023,363 sites surveyed.

View: Full Story
News source: eWeek

Share this Article

  • Technorati
  • Magnolia
  • Stumble upon it
  • Reddit
  • Blink List
  • Delicious
  • Slashdot
  • Furl
  • Facebook
  • Windows Live
  • Google
  • Newsvine
  • Yahoo
  • RawSugar
  • Netvouz

About the Author

Full name: Unknown
User name: Slimy
Contact: via forum PM
Submissions: View All
More: View Profile

Related news

 

Post a comment · Send to friend Comments · There are 14 additional comments
(8 replies) #1 phiberoptik on 07 Jun 2007 - 23:32
Is it also safe to say thats because IIS is more widely used then any other web-server service? I don't know how accurate their 56% of the web-servers our there are apache is.....
#1.1 Express on 07 Jun 2007 - 23:37
The original article explains why the stats are so against IIS.
The Bulk of the machines serving malware with IIS are in China & South Korea.
These machines are never been patched because they are running pirated copies!!!

IIS 6 by itself has proven to very secure -- it has never had a remotely exploitable vulnerability in its entire lifetime!
So the exploiters have used other means of compromising the machines or are deliberately serving malware.
#1.2 vetmarkjensen on 08 Jun 2007 - 02:49
Quote - (Express said @ #1.1)
IIS 6 by itself has proven to very secure -- it has never had a remotely exploitable vulnerability in its entire lifetime!
While I would agree with a statement that II6 was overall very secure, you are just spouting out fabricated lies!
Remote exploit #1: http://secunia.com/advisories/11563/
Remote exploit #2: http://secunia.com/advisories/12801/
Remote exploit #3: http://secunia.com/advisories/21006/
#1.3 Express on 08 Jun 2007 - 03:45
None of those are remotely exploitable.
#1.4 kyro on 08 Jun 2007 - 04:02
Quote - (Express said @ #1.1)
it has never had a remotely exploitable vulnerability in its entire lifetime!


Wrongggg
#1.5 kyro on 08 Jun 2007 - 04:04
Quote - (Express said @ #1.3)
None of those are remotely exploitable.


Wrongggggggggg


i can go like this all day.
#1.6 Express on 08 Jun 2007 - 04:59
Oh Please! A Google search and a pointer to a page which is not even an IIS exploit. It shows to way to get slow responses from a ISAPI filter. While you are at it all day. Post all PHP vulnerabilities and call then Apache remote exploits.
#1.7 Mathiasdm on 08 Jun 2007 - 07:45
Quote - (phiberoptik said @ #1)
Is it also safe to say thats because IIS is more widely used then any other web-server service? I don't know how accurate their 56% of the web-servers our there are apache is.....

Ever heard about Netcraft?
#1.8 Magallanes on 10 Jun 2007 - 02:01
Quote - (markjensen said @ #1.2)
Quote - (Express said @ #1.1)
IIS 6 by itself has proven to very secure -- it has never had a remotely exploitable vulnerability in its entire lifetime!
While I would agree with a statement that II6 was overall very secure, you are just spouting out fabricated lies!
Remote exploit #1: http://secunia.com/advisories/11563/

Not a vulnerability, linux can give more information (for example a simple telnet).

Quote - (markjensen said @ #1.2)
Remote exploit #2: http://secunia.com/advisories/12801/

Apply a old patch.....
Quote - (markjensen said @ #1.2)
Remote exploit #3: http://secunia.com/advisories/21006/


Absurd... since PHP also can be insecure in the same degreed or even more (since in asp and php you can create object, modify system and also run a shell command).
#2 phiberoptik on 08 Jun 2007 - 00:53
Gotcha, so basically the whole article and stats are BS because we all know not to trust the Chinese anyway right?
#3 antaris on 08 Jun 2007 - 08:53
Who gives a damn what web server they are using to distribute malware. It really doesn't matter and it is really immaterial. This article is pointless. Really it should be what country serves up the most malware. It's very annoying to see a news article which targets such a serious problem but blames it on something which is completey unaccountable for it. "ooooh, IIS serves malware...it must be bad"...It's not the server that is the problem, it's the idiots application running on top of it. I have never wanted to swear at zealots so much in my life.... ggaaahhhh!
#4 Septimus on 08 Jun 2007 - 09:41
Doesn't mean that the servers are compromised... just that IIS is to easy to setup for morons who want to serve malware can quickly and easily.
(1 reply) #5 black_death on 08 Jun 2007 - 22:11
lol @ people who use IIS, the one thing windows sucks at is being a server.
#5.1 +Dakkaroth on 09 Jun 2007 - 17:06

Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!

Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.

Advertisement (Why?)
News powered by Neowin Management System (Build - 5.0.1387) © 2000 - 2008 Neowin.net