Someone told me that microsoft.com was running linux. He showed me this: http://uptime.netcraft.com/up/graph?....microsoft.com
Microsoft.com running linux... I started nmap, and guess what: I used the -O switch and the line appeared:
Remote operating system guess: Linux Kernel 2.4.0 - 2.5.20

So microsoft.com really is running Linux! Akamai, to be exactly. Another proof, I telneted to port 22 of microsoft. The port responded:
SSH-1.5-AKAMAI-I

Is it me or is that just stupid?! Well, not stupid actually; Its more stable and much better, but....... What do you think?

Akamai is not a version of Linux. Its the company that Microsoft is routing its servers though. And Akamai runs Linux, not Microsoft.

well, the akamai server was put in when the DDOS floods were the past few days, but that was only 1 pipe, now, looking at it, they added 2 more akamai pipes and: Linux Microsoft-IIS/6.0 16-Aug-2003 213.161.66.139 Abovenet Communications, Inc

that one is suspicious, they added another server which wasn't akamai but linux, whats their excuse now?? probably worried their servers might get hacked..


By the way, for a permanent record of this (because that link changes over time):
OS, Web Server and Hosting History for www.microsoft.com
OS Server Last changed IP address Netblock Owner
Linux Microsoft-IIS/6.0 16-Aug-2003 213.161.66.139 Abovenet Communications, Inc
Linux Microsoft-IIS/6.0 16-Aug-2003 213.161.82.29 Akamai
Linux Microsoft-IIS/6.0 15-Aug-2003 80.15.236.17 Akamai
Linux Microsoft-IIS/6.0 15-Aug-2003 213.161.82.33 Akamai
Windows Server 2003 Microsoft-IIS/6.0 11-Aug-2003 207.46.249.190 Microsoft Corp
Windows Server 2003 Microsoft-IIS/6.0 10-Aug-2003 207.46.249.27 Microsoft Corp
unknown Microsoft-IIS/6.0 9-Aug-2003 207.46.134.190 Microsoft Corp
Windows Server 2003 Microsoft-IIS/6.0 2-Aug-2003 207.46.134.222 Microsoft Corp
Windows 2000 unknown 1-Aug-2003 207.46.249.222 Microsoft Corp
Windows Server 2003 Microsoft-IIS/6.0 19-Feb-2003 207.46.134.155 Microsoft Corp


By the way, I'm betting the unknown machine is a linux/unix machine which they have probably altered the response of so ppl dont know

Finally, I found out from slashdot, but when it was posted there was only 1 linux server, now 4/10 servers are linux (nearly half)

.

I'm actually pretty interested about what OS the unknown machine is running (I'm betting its a nix based box)

They only started using it extremely recently. Akamai is a company that deals with clusters of computers and the computers DEFINATELY run linux, so microsoft is definately running linux now, because its pretty much required for akamai (akamai distributes the traffic making the site hard to DDOS attck

Microsoft is NOT running Linux. They are using the services of another company to route http requests through, and that company uses Linux. What happens on Netcraft when a person queries what OS/Server a site is running on is that that it follows the DNS entry to the IP assigned to it. Since numerous microsoft.com servers are routed through Akamai's service now, Netcraft believes the Akamai server its actually hitting is the actual Microsoft server, which it is not. Read this article if you are curious... and search older threads, this whole issue was covered to death last week
http://www.smh.com.au/articles/2003/...261127586.html

if you read it...

---------
Akamai provides an internet-wide caching system, which can act as a symmetric defence to distributed denial of service attacks.

Akamai’s http caching servers run Linux, and so we report Linux as the operating system. However Akamai also forwards the http Server: header from the original server as part of the cached content, and so we report “Microsoft-IIS/6.0” as the web server.
--------

So, we were right, technically it was running off linux, but the banners were being manipulated.. Like I said at least 3X now I was almost sure that the banners were probably being faked of the webserver, and that they were running linux, but no one listened

Akamai is a 3rd party, their servers belong to them, not Microsoft. As I've said multiple times now, Microsoft is merely using their services... so no server run and owned by Microsoft is running Linux. MS did this in efforts to protect windowsupdate.com from being taken down by a DoS attack by the Blaster virus. I'd imagine they keep doing it to protect themselves from future attacks of the same nature.

are you sure, because I quote "Akamai’s http caching servers run Linux, and so we report Linux as the operating system"

A HTTP caching system is essentially a front line of defence, as it caches the data from the original server reducing requests to it. So they aren't running linux, BUT, would I be right to say that each address is basically running as a caching proxy, and since the purpose of cache is to get a high hit rate (which would actually mean that since the DDOS flood would all be retriving the front page of the site if anything, if it was designed to fetch them or flood them by random ports), then 100% of the attackers (unless there was only a tiny amount) would be fetching the majority of data from the linux servers, and if it didn't exist then proceed to obtain a copy from the IIS servers.

Now if its a HTTP caching system, the primary intention of the system would like you suggest to help distribute floods reducing there effectiveness, but also to distribute the traffic over many systems. Which would mean that the only reason microsoft.com stood, was because of linux, as linux was effectively being used as a "firewall", but the systems, if the article was right also stood as a form of webservers, which only maintained data that was used often. Basically, when u factorise everything, Microsoft.com was practically running linux. While the primary server with the full site, which sites used to cache off wasn't, the akamai servers were acting as basic webservers and were handling requests on their own, which means that accessible part of their site was basically linux.

It would make no sense to have a system where each node ran snort or something and just forwarded the traffic to the IIS server, what the system does (from what is implied) is basically that it runs caching proxies on each node, which each act as mini webservers, dealing with traffic on their own.. So I believe its right to say Microsoft.com was basically running linux..


Of course, theres always the possibility that my whole argument was a waste of time to write and is completely wrong, but basically, it seems I was right from the start practically, except they are using caching HTTP proxies as webservers, instead of actual webservers.

I think we are just misunderstanding each other

All I'm saying is that Microsoft is not running Linux on any of the machines that they own. They are using Akamai's network of caching servers. These caching servers are owned entirely by Akamai, who charges companies to use them. The actual machine named www.microsoft.com is not running Linux. Its probably running Win2000 or XP or 2003. It runs IIS 6, because as we all know, IIS 6 definitely doesn't run on Linux

So its not Microsoft using Linux, they are just paying a company that uses Linux to help support their web services. Which is probably about closest us Linux geeks will come to seeing Microsoft running Linux on services to end-users in the near future

OK Thanks a lot