Microsoft Web server app gains on Linux

The software giant moves in on Linux, according to a monthly survey, which also shows that many e-commerce sites use potentially vulnerable security measures.

Matthew Broersma Special to CNET News
2 min read
Microsoft's Web server software gained significant market share on rivals during March, according to a new survey, after two large domain name "parking" services switched to Windows systems.

In a monthly survey of more than 38 million Internet-connected computers conducted by Netcraft, Microsoft market share rose nearly two million to 12.9 million computers--a market share of 34.02 percent and a rise of 4.89 percent.

Apache servers running on Linux dropped to 53.76 percent. iPlanet software from Netscape and Sun Microsystems dropped by about 200,000 to 2.33 percent.

Netcraft said the change was mainly due to the shift of the domain name parking services of Register.com and Network Solutions from Linux and iPlanet to Microsoft software. Domain names are often "parked" on the servers of a registrar while they are under development.

Network Solutions shifted several hundred thousand sites from an iPlanet system at Web hosting firm Digex to Microsoft-based systems at Interland during March. Thousands of the Network Solutions sites at Interland were defaced shortly afterwards.

Netcraft also found that many sites using SSL (Secure Sockets Layer) encryption, a common form of security used on e-commerce sites, use cryptographic keys that are short enough to be vulnerable to hackers, mainly as a lingering effect of tight U.S. restrictions on the export of cryptographic tools. In most European countries, 25 percent of SSL servers use vulnerable keys, Netcraft said, including in the United Kingdom, where 26.5 percent of SSL servers use short keys.

U.S. export restrictions have been relaxed in recent years but the effect lingers, the firm said.

"U.S. export regulations have had a discernable impact in slowing use of strong cryptography outside of the (United) States," the survey found.

Experts recommend a key length of 1,024 bits, but software using such lengthy keys was not originally available for export outside the United States.

Within the United States, by contrast, only 15.1 percent of SSL sites used short keys.

Matthew Broersma reported from London.