There’s a report out about phishing attacks on LAMP servers.

“The most frequently attacked operating system among survey respondents was Linux OS (76%). Attack victims reported that they used Apache as their web server in 81 percent of the responses, MySQL as their database application in 81 percent of the responses, and PHP/Java as their application platform in 82 percent of responses.

While we acknowledge that ―LAMP‖—Linux, Apache, MySQL, PHP—is the most popular web operating environment, the APWG IPC is concerned that this profile is exploited with such apparent frequency. “

Let’s see… they investigated 270 attacks on 203 million sites and they are concerned about the frequency of attacks on LAMP sites… Hmmm. That other OS runs 18% of sites and gets 19% of the attacks reported…

Let’s define frequency folks… How about a one in 851000 chance of a LAMP site being attacked by phishers and reporting the attack? I like those odds. How about all of the sites that did not report phishing details? Think any of them were using closed-source software?

About Robert Pogson

I am a retired teacher in Canada. I taught in the subject areas where I have worked for almost forty years: maths, physics, chemistry and computers. I love hunting, fishing, picking berries and mushrooms, too.
This entry was posted in technology. Bookmark the permalink.

6 Responses to LAMP FUD

  1. They could have done it with IIS but they did not.

  2. None of my student fell prey to malware on my watch.

  3. The Other Dave says:


    “Apache was the only major web server software to gain hostnames this month, with growth of 21M and nearly 2.2 percentage points of market share.”

    Any 12 yr old with his parents’ credit card can set up an account – or even a server on broadband – so this stat means nothing to promote open sores.

    All this shows is a bunch of people wanted to set up web sites and registered domain names.

  4. TFA reported data from 2009 so that might not be relevant but CentOS is only one of many distros used on servers. What I take away from TFA is that GNU/Linux is very secure and one has to avoid abject stupidity to keep it that way. Everyone knows the common PHP scripts so if an important site wants to use one the least they should do is keep it well patched and probably to check the PHP code as well. Read some of the comments following an article on this report at The Register. I, too have seen requests for phpMyAdmin in logs on a web-facing server. That should not be accessible from the web if it is not necessary. I would bet a lot of this is just terribly weak passwords.

  5. Ivan says:

    Considering the fact that a significant portion of the LAMP servers on the web just went three months without a security update thanks to CentOS developer incompetence, it’s difficult to view this as “FUD.”

  6. The Other Dave says:

    Let’s see… they investigated 270 attacks on 203 million sites

    And this is somehow different than your “students I’ve taught in some remote Northern part of Manitoba never had problems with Linux and therefore no one has problems with Linux” inductive reasoning?

    In the very least, you’re a hypocrite, but also a zealot with your fanatical open sores religion.

Leave a Reply