With the recent (MS05-038) and (MS05-039) problems from Microsoft, I decided to have a look at my web logs for the yaps4u.net domain to see what sort users where hitting my site.
In relation to the (MS05-039) problem, I wanted to see how many Windows 2000 users there were out there.
If you click on the extended entry below you will see the stats from my server logs taken over a 24 hour period and equates to about 6000 hits.
As you will see 13.98% of hits use Windows 2000 which is quite a sizeable chunk of internet users.
It appears that 60% of users are of the Windows flavour.
I suspect the low number of Firefox users is probably down to a few page rendering errors when viewing my site with that browser. I will sort it out one day when I find the part number for ordering some more roundtuits.
Over 30% of IE Browsers are pre-IE6 and closer examination of the logs shows that not all of them are patched or up to date, which is very worrying in this day and age.
I won’t go into the Anti-Microsoft thing, mainly because I am pro-Microsoft. In fact I am pro-anything, I just refuse to jump on the bandwagon and attack Microsoft at any oppurtunity. They happen to produce the majority of the tools that I use to do my work, and they perform quite well on the whole, so they can’t be getting it that wrong. And they always give the appearance of being concerned with customers, so I excuse them any transgressions they make over time. Not to say that wouldn’t change if they ever forgot about customers for want of profit, but I can’t see that happening.
As Firefox became popular enough to draw hacking resources away from IE, the problems appeared with that browser too. Ok, there won’t be the hacker who wants to create an exploit just because it is Microsoft, but there will be the commercial hackers whose aim is to gain financial rewards from their hacking exploits (no pun intended), rather than the discrediting of a major organisation.
In fact recent studies have found that there has been a large increase in what has been called commercial hacking, moving away from the trend of specifically targetting home users. The exploits will still ‘use’ the home user as a platform for launching these attacks as these supply the majority of unsecured machines with which to do so.
Now they are more likely to use home machines to attack or gain entry to commerical networks, rather than retrieve an individuals personal data.
Needless to say, no matter whose product has been identified as having a potential or real vulnerability, average Joe must be provided with the education to keep their machines up to date with upgrades/patches and the latest security, or these users will go on providing the methods for the hackers to work their nasties.
Education of the public is a must so rather than directing our angst at one company or group, we should start focussing on bringing Joe Public up to speed.
|Operating System||% of Total Visitors|
|9||Windows Server 2003||1.69%|
|Browser||% of Total Visitors|
|1||Internet Explorer 6.x||39.56%|
|2||Internet Explorer 5.x||19.78%|
|3||Internet Explorer 4.x||10.49%|
|5||Pluck Soap Client/1.0||2.72%|
|9||Bloglines/2.0 (http://www.bloglines.com; 1 subscriber)||1.41%|
|10||Mozilla/4.0 (compatible; Lotus-Notes/5.0; Windows-NT)||1.31%|
|14||Ilium Software NewsBreak||0.81%|
|20||Mozilla/4.0 (compatible; Google Desktop)||0.40%|
|28||CPG Dragonfly RSS Module Feed Viewer/2.3 (http://www.jordomedia.com)||0.30%|
|33||BlogsNowBot, V 2.01 (+http://www.blogsnow.com/)||0.20%|
|40||aipbot/1.0 (aipbot; http://www.aipbot.com; firstname.lastname@example.org)||0.10%|
|48||NutchCVS/0.06-dev (Nutch; http://www.nutch.org/docs/en/bot.html; email@example.com)||0.10%|