From: Mustafa Akgul (akgul@Bilkent.EDU.TR)
Date: Tue 01 Aug 2000 - 07:39:35 EEST
>From ying@e-softinc.com Tue Aug 1 07:56:24 2000
To: akgul@Bilkent.EDU.TR
: E-Soft's SecuritySpace.com Newsletter August 2000
********************************************************************
SecuritySpace Newsletter
Published by E-Soft
August 1st, 2000
********************************************************************
This newsletter sponsored by - ConSeal PC FIREWALL
ConSeal PC FIREWALL is the professional's choice for a secure,
cost-effective firewall solution. ConSeal is a packet-filtering
firewall which intercepts all network traffic, allowing only those
packets expressly permitted by the ruleset and blocking all others.
Rest assured knowing that ConSeal is protecting your Internet
servers, desktop PCs, and notebooks. During August, all Security
Space newsletter subscribers will receive a 10% discount. Visit
http://www.consealfirewall.com/index2.htm to download a
complimentary trial version today.
====================================================================
In this month's news letter:
I. New This Month
1) 32 Tests added to Desktop Audit Test Suite
2) Desktop Audits Can Now Bypass Some Proxies
3) Source for Vulnerability Tests Available On-Line
4) Daily and Weekly News Feeds Now Available
5) Weighed Web Server Share
6) SecuritySpace in the Press
II. Security News - Your Top 10 Picks of July
III. Web Server Surveys
1) Secure Web Server Market Share Change
2) Web Server Market Share Change
3) Top Web Server Revisions
4) Technology Penetration e.g. Java, Flash, etc.
5) Apache Module Report
6) Web Authoring Tools
7) Popularly Referenced Web Sites
8) Weighed Web Server Share
IV. Subscription / Removal Information
====================================================================
I. New This Month
1) 32 New Vulnerability Tests On-Line
-------------------------------------------------
Desktop Security Audits have 32 new tests added to the following
test categories:
CGI Abuses: 13 new tests
Windows: 5 new tests
FTP: 4 new tests
Denial of Service: 2 new tests
Remote file access: 2 new tests
Gain root remotely: 2 new tests
General: 2 new tests
Gain a shell remotely: 1 new test
SMTP problems: 1 new test
Total available tests: 468
New tests added in the last 30 days (and links to them) can be
found at http://www.securityspace.com/smysecure/last30.html
The complete arsenal of available tests can be viewed and searched
at http://www.securityspace.com/smysecure/categories.html
2) Desktop Audits Can Now Bypass Some Proxies
---------------------------------------------
The desktop audit service now has the ability to bypass some proxy
servers. If you were previously unable to run a test because the
audit service couldn't see your real IP address, you may wish to
check the proxy bypass function available on the audit launch
page.
3) Source for Vulnerability Tests Available On-Line
---------------------------------------------------
All vulnerability tests now have their source (Nessus' NASL
scripting language) available for viewing at
http://www.securityspace.com/smysecure/categories.html
4) Daily and Weekly News Feeds Now Available
--------------------------------------------
Our security news channel, updated on a daily basis
now allows you to sign up for receiving an email news feed
delivered once a day or once a week based on your choosing.
For the daily news feed, news is delivered shortly after
5 p.m. each week day (Mon-Fri), while the weekly news feed
is delivered after 5 p.m. on each Friday.
In each case, you receive news headlines and links to the
relevant stories.
Sign up at http://www.securityspace.com/secnews/subscribe.html
5) Weighed Web Server Share
----------------------------
A new monthly report is available as part of our web server
survey. It examines web server usage among the most popular
web sites, weighting the server market share by how popular
the sites are. Section 8 in the Web Server Surveys section
contains the text summary, and the complete on-line report
is available at
http://www.securityspace.com/s_survey/data/man.200007/weighted.html.
Spoiler: Apache is still first, and surprisingly enough, Netscape
is a strong second. Microsoft locks up 3rd place.
6) SecuritySpace in the Press
-----------------------------
For reference, we've put up a page showing who's talking about or
referring to our products and services. View the page at
http://www.securityspace.com/sspace/press.html
====================================================================
II. Security News - Your Top 10 Picks of July
Our readers ranked the following 10 articles as the most interesting
in July (based on click-through percentage):
They are, in order:
1. Wanna know how BT.com was hacked?
http://www.theregister.co.uk/content/6/12163.html
Story from The Register
2. Sneaky new virus format has software makers scrambling
http://news.cnet.com/news/0-1003-200-2218741.html
Story from CNET
3. Personal Firewalls / Intrusion Detection Systems
http://admin.securityportal.com/cover/coverstory20000717.html
Story from SecurityPortal
4. Security guru: Napster a security risk
http://www.zdnet.com/zdnn/stories/news/0,4586,2605466,00.html
Story from ZDNet
5. Microsoft patches IE browser security hole
http://news.cnet.com/news/0-1003-200-2196730.html
Story from CNET
6. New Security Audits Radically Reduce Cost of Securing Your Website
http://www.securityspace.com/sspace/press20000718.html
Story from SecuritySpace
7. Glitch found in Symantec antivirus updates
http://www.vnunet.com/News/1105488
Story from VNUNet
8. Applause for IE's Cookie Catcher
http://www.wired.com/news/business/0,1367,37703,00.html
Story from Wired News
9. Microsoft says e-mail program vulnerable to hackers
http://www.nandotimes.com/technology/story/0,1643,500229656-500332186-501892478-0,00.html
Story from Nando Times
10. Stolen Computers Will Self-Destruct
http://www.computeruser.com/news/00/07/12/news15.html
Story from Computer User
====================================================================
III. Web Server Surveys
1) Secure Web Server Market Share Change
----------------------------------------
Secure Web Server Survey
July 2000 survey found 57,519 servers
Across All Domains
Market Share Change
-------------------
July June Change
Server Count % Count % %
------------------------------------------------------------------
Apache 19802 34.43% 19354 33.65% +0.78%
Stronghold 16402 28.52% 16746 29.12% -0.60%
Microsoft 13367 23.24% 13315 23.15% +0.09%
Netscape 4751 8.26% 4840 8.42% -0.16%
WebStar 598 1.04% 591 1.03% +0.01%
WebSite 512 0.89% 534 0.93% -0.04%
Other 2087 3.63% 2132 3.71% -0.08%
Visit our Secure Web Survey on-line in "My Security" at
<http://www.securityspace.com>. With over 300 pages and 200 graphical
images published on line each month, we provide information on
o Popularity of the various protocols (SSLv2, SSLv3, TLSv1)
o Popularity of ciphers (RC2, RC4, DES)
o Popularity of Certificate Authorities
and more. All data is analyzed both world-wide and on a domain
by domain basis, and best of all it's all free.
2) Web Server Market Share Change
---------------------------------
Web Server Survey
July 2000 survey found 2,213,960 servers
Across All Domains
Market Share Change
-------------------
July June Change
Server Count % Count % %
------------------------------------------------------------------
Apache 1268923 57.31% 1225889 56.81% +0.50%
Microsoft 625903 28.27% 605631 28.06% +0.21%
Netscape 97713 4.41% 96870 4.49% -0.08%
WebSite 25042 1.13% 24979 1.16% -0.03%
WebStar 22794 1.03% 22243 1.03% +0.00%
Zeus 20266 0.92% 19574 0.91% +0.01%
Other 153319 6.93% 162810 7.54% -0.61%
See < http://www.securityspace.com/s_survey/data/index.html > for more
information.
3) Top Web Server Revisions
---------------------------
Jul 2000 Jun 2000 Growth
Server Count % Count % %
----------------------------------------------------------
Apache 1.3 1028148 46.44% 976744 45.26% 2.60%
IIS 4.0 535830 24.20% 524084 24.29% -0.34%
Apache 1.2 169063 7.64% 177150 8.21% -6.98%
Netscape-Ent 3 62258 2.81% 61659 2.86% -1.58%
IIS 3.0 44385 2.00% 46611 2.16% -7.18%
A breakdown of market share on a server's release by release
basis can be found at
http://www.securityspace.com/s_survey/data/200007/servers.html
4) Technology Penetration - Java, JavaScript, etc.
--------------------------------------------------
Based on a sample of 62,016 web sites, the following table
illustrates the penetration rate of a variety of client side
technologies:
Technology Sites Percentage
-----------------------------------------
JavaScript 19,648 31.68%
Frames 10,267 16.55%
StyleSheets 6,868 11.07%
IFrames 3,090 4.98%
Java 2,475 3.99%
GIF Graphics 38,195 61.58%
JPG Graphics 23,097 37.24%
PNG Graphics 524 0.84%
Flash/Shockwave 804 1.29%
Report on-line at
http://www.securityspace.com/s_survey/data/man.200007/techpen.html
5) Apache Module Report
-----------------------
The Apache Module report is a breakdown of the popular add-on
modules to the Apache web servers. All percentages shown
are based on an Apache population of 1,268,923 servers in this
month's survey.
Jul 2000 Jun 2000 Growth
Module Count % Count % %
-----------------------------------------------------------------
PHP 418011 32.94% 392603 32.03% 2.86%
FrontPage 248388 19.57% 243163 19.84% -1.32%
perl 126503 9.97% 110865 9.04% 10.24%
mod_ssl 112304 8.85% 103657 8.46% 4.67%
OpenSSL 93391 7.36% 84254 6.87% 7.09%
ApacheJServ 43086 3.40% 41146 3.36% 1.16%
mod_front 31255 2.46% 30083 2.45% 0.37%
Ben-SSL 27467 2.16% 27141 2.21% -2.23%
AuthMySQL 21536 1.70% 19889 1.62% 4.61%
rus 18138 1.43% 17568 1.43% -0.26%
BSafe 14507 1.14% 13534 1.10% 3.55%
Rewrit 11948 0.94% 11320 0.92% 1.97%
mod_fastcgi 10034 0.79% 9188 0.75% 5.50%
SSLeay 9282 0.73% 9932 0.81% -9.71%
Raven 5162 0.41% 4744 0.39% 5.12%
mod_fs 4816 0.38% 4524 0.37% 2.84%
Resin 4003 0.32% 426 0.03% 807.80%
DAV 3970 0.31% 3768 0.31% 1.79%
mod_czech 2981 0.23% 3063 0.25% -5.98%
mod_macro 1520 0.12% 1456 0.12% 0.86%
mod_oas 1342 0.11% 773 0.06% 67.72%
CSacek 1128 0.09% 800 0.07% 36.22%
WebTen 1127 0.09% 1175 0.10% -7.34%
Chilisoft 946 0.07% 6 0.00% 15131.96%
HomepageEngine 913 0.07% 198 0.02% 345.47%
mod_throttle 761 0.06% 648 0.05% 13.46%
LocalRef 615 0.05% 596 0.05% -0.31%
AuthPostgreSQL 561 0.04% 506 0.04% 7.11%
ihtml 413 0.03% 329 0.03% 21.27%
iae_chroot 246 0.02% 246 0.02% -3.39%
Looking for a specific module? Check the module registry at
http://modules.apache.org
Report on-line at
http://www.securityspace.com/s_survey/data/man.200007/apachemods.html
6) Web Authoring Tools
----------------------
This survey works by examining web sites, looking for specific
strings inserted by popular authoring tools, usually into
a meta tag of a web page. Readers are cautioned that numerous
authoring tools do NOT add these meta tags, and are thus not
reported. The sample set for this report was 73,528 sites.
Web Authoring Package Sites %
-------------------------------------------
Microsoft FrontPage 8015 10.90
Netscape Composer 3406 4.63
Adobe PageMill 1081 1.47
Adobe GoLive 676 0.92
Microsoft FrontPage Express 560 0.76
Microsoft Word 496 0.67
NetObjects Fusion 419 0.57
Golive CyberStudio 267 0.36
HotMetal Pro 226 0.31
Namo WebEditor 216 0.29
Visual Page 166 0.23
IBM HomePage Builder 140 0.19
bbedit 125 0.17
Microsoft Publihser 95 0.13
Arachnophilia 74 0.10
Sausage Software 72 0.10
Microsoft Visual Studio 63 0.09
Symantec Visual Page 61 0.08
NetObjects Authoring 56 0.08
htmled 33 0.04
Corel WordPerfect 33 0.04
Internet Assistant for Word 27 0.04
analog 26 0.04
Frontier 26 0.04
StarOffice 24 0.03
DreamWeaver 21 0.03
Microsoft Developer Studio 20 0.03
Lotus Domino 20 0.03
Cosmo Create 20 0.03
Elemental Software 12 0.02
MicroVision Development 11 0.01
Allaire 11 0.01
IBM NetObjects TopPage 9 0.01
Complete report on-line at
http://www.securityspace.com/s_survey/data/man.200007/webauth.html
7) Popularly Referenced Web Sites
---------------------------------
The most commonly linked to sites, based on a survey
of 73,528 web sites, are shown below. The top 20 entries are
shown below, while the complete report is available on-line at
http://www.securityspace.com/s_survey/data/man.200007/referral.html
Web Site % Referrals
---------------------------------------------------
http://www.microsoft.com 4.66%
http://home.netscape.com 2.62%
http://www.yahoo.com 1.83%
http://www.apache.org 1.75%
http://www.geocities.com 1.66%
http://www.adobe.com 1.60%
http://www.netscape.com 1.37%
http://www.amazon.com 1.23%
http://ad.doubleclick.net 1.05%
http://members.aol.com 1.00%
http://www.excite.com 0.98%
http://www.lycos.com 0.95%
http://www.hypermart.net 0.92%
http://click.go2net.com 0.91%
http://www.tera-byte.com 0.80%
http://www.spaceproxy.com 0.80%
http://www.cjb.net 0.80%
http://chat.cjb.net 0.80%
http://vilogic.cjb.net 0.80%
http://mail.cjb.net 0.80%
8) Weighed Web Server Share
----------------------------
This report reports web server share. Rather, however, than just
counting the number of sites using each web server, we weigh
the site by how many other sites link to it. We provide
three different views - a view of the top 50 sites, the top
250 sites, and the top 1000 sites, with "top" being defined by
who has the most references (based on our referral report in the
previous section.)
The complete report is available on line at
http://www.securityspace.com/s_survey/data/man.200007/weighted.html.
Top 50 Summary
----------------
Apache 31.31%
Netscape 23.08%
Microsoft 17.64%
Top 250 Summary
-----------------
Apache 58.59%
Netscape 15.09%
Microsoft 11.45%
Top 1000 Summary
----------------
Apache 60.64%
Netscape 15.31%
Microsoft 11.26%
====================================================================
IV. Subscription/Removal Information
If you know of anyone who may find this newsletter interesting,
please forward it to them.
To subscribe or unsubscribe from this newsletter, please visit
https://secure1.securityspace.com/secnews/subscribe.html
--------------------------------------------------------------------
Ying Chan Tel: (905) 331-2260
Marketing Manager Fax: (905) 331-2504
E-Soft Inc. http://www.e-softinc.com
SecuritySpace.com http://www.securityspace.com
Listeden cikmak icin:
unsub linux
mesajini listeci@bilkent.edu.tr adresine gonderiniz.
Lutfen Listeci icin MIME / HTML / Turkce Aksan kullanmayin.
Listeci arayuzu: http://listweb.bilkent.edu.tr/yardim/bilkent/linux.html
Liste arsivinin adresi: http://listweb.bilkent.edu.tr/