Microsoft hides behind Linux for protection

Microsoft hides behind Linux for protection

Summary: Microsoft is relying on Linux to keep its Web site safe from attackers


Microsoft has employed Akamai's Linux-based servers to protect its Web site and reduce the site's vulnerability to viruses, worms and denial of service attacks.

Microsoft has been in turmoil over the past couple of weeks, after at least three significant worm and virus attacks. The Web site was also brought down on at least two separate occasions after a distributed denial of service (DoS) attack. Deploying Linux-based servers is significant because the open-source operating system is an arch-rival to Windows.

According to Internet services company Netcraft, Microsoft changed the DNS of its Web site so that requests for pages are no longer handled by Microsoft's own network, but instead by the Akamai cache servers -- which consists of 15,000 Linux-based servers spread around the globe.

Microsoft's other option was to take the Web site off line, which is exactly what the software giant did with after it came under attack from the Blaster worm. is less important to Microsoft's operations than, and employing Akamai was the best practical step it could take to defend itself against more DoS attacks, Netcraft said.

A Microsoft spokesman told ZDNet UK: "Our many connection service providers' infrastructures are diverse; our main concern is doing whatever it takes to help ensure our customers can get to the patch to protect their computers.”

Topics: Apps, Software Development

Munir Kotadia

About Munir Kotadia

Munir first became involved with online publishing in 1998 when he joined ZDNet UK and later moved into print publishing as Chief Reporter for IT Week, part of ZDNet UK, a weekly trade newspaper targeted at Enterprise IT managers. He later moved back into online publishing as Senior News Reporter for ZDNet UK.

Munir was recognised as Australia's Best Technology Columnist at the 5th Annual Sun Microsystems IT Journalism Awards 2007. In the previous year he was named Best News Journalist at the Consensus IT Writers Awards.

He no longer uses his Commodore 64.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • I have been waiting for 13 years for microsoft to fix their calculator in windows so it does not suprise me that they needed outside help to solve this problem.

    Calculator 100,000 * 6% / 365
    If you are paying that intrest daily you are in big trouble.
  • Enough said!!
  • Well it is about time. MS started to give in for the benefit of the users. This isn't going to hurt them is it? May be it is time for MS to join and welcome OSS. Way to go FLOSS
  • It defies logic. Not the worm but Microsoft's Choice. Didn't they buy SCO licence just a few weeks ago? I wonder why they didn't use SCO Unix?
  • HA HA HA HA HA!!!!!!!!!!!!
  • hahaha. that must be a blow to microsoft executives' egos.
  • M$ must be eating tons of crow: What a tacet admission by M$ that it is totally insecure by design; that their vaunted Software Security Program is nothing more than a bunch of Hot Air. They don't even believe enough in their own product to secure it so that they can't be attacked. If M$ can't secure their own product so that it can't be attacked, then nobody can. What hypocrisy emanates from Redmond: M$ is ready for the Enterprise??? I don't think so -- they have to rely upon a company that runs a REAL OS they have claimed is a "Cancer" and many other unflattering things.

    The BEST thing Bill Gates could do is take his tinker toy and go home and produce an OS for all those "Home Users" and stay away from the Enterprise -- clearly M$, in spite of all its hot air, is NOT ready for the Enterprise, and worse only puts any enterprise that runs M$ Bugware in jeopardy.

    Bill Gates: GO HOME!!! Come back when you actually GROW UP!!!

    May the SOURCE be with GNU
  • I think the headline speaks volumes. enough said.
  • Well now it would seem to me that ol M$ themselfs are sayin the ideal patch for computers runnin the M$ Latest & Greatest is quite simply spelt Linux OOOooooooohhhh i like the sound of that Linux Linux Linux Linux you know i could type that all night long..he he he ...
  • Sensationalism.

    Iam a one-eyed GNU/Linux lover and MS-hater like most people in the Open Source community, but this isn't news.

    Microsoft are a big target and they employed the services of a proven-to-work caching company to help keep their website available to their customers.

    Microsoft would be morons to try to setup a similar infrastructure (at great expense) using Windows boxes just because Akamai use Linux.
  • Don't get me wrong, I'm a linux enthusiast. I've got a linux server at home, at work. My home desktop is linux, and I'm just about to set up a Linux computer lab for my kids' primary school. I'm no Microsoft apologist and I like reading LinuxToday to keep track of Linux conversions.


    In this case, the '40,000 distributed servers' is the significant fact of the article. It's irrelevant whether they are running Windows, Linux, MacOS or whatever, Microsoft are just spreading the target for a DDOS attack rather than putting up a single machine of their own which could be flooded easily. If they were running this server and chose Linux, that would be a story.

    The irony is still sweet, though.
  • Just because microsoft is using a Linux system to protect their servers in no ways means linux is superior, just different. As microsoft stated, they want their customers to be able to get ahold of the updates they need. The fact that microsoft would use a rivals software to do this just shows that they are better people than people think.
  • I think that it's great that people from Microsoft found a way to solve the problem, even if it means being laughed at.
  • Microsoft is not afraid to use other operating systems to do their biddings. In the past, hotmail was run from FreeBSD boxes.
    Also, Microsoft did not employ Linux boxes to protect itself, rather it used Akamai's network (and consequently their cache servers - which just happen to run linux) to protect it's own network. It may seem like semantics but consider this; Akamai's 15,000 cache servers spread around the globe make it fundamentally a better way to deflect a DDoS attack.
  • IT's so funny to see Microsoft's behaviour! The master of the masters using his rival software! Be careful, the people can change their OS. Microsoft, be honest: you're not the best!
  • It seems that Microsoft is running from their own fart.
  • It's a great move from the MS perspective. Now those who are targetting MS has to go the other way round. Means the people who are envy of windows have to break down the linux. Great thinking. Tht's y they are the leaders.
  • Talk about spin! MIcrosoft choose Akamai because of their [Akamai/] large capacity network infrastructure, period! Linux, has nothing to do with the DNS change by Microsoft, and you know it. Your constant Microsoft bashing shows just how little you understand the Internet, or just how much you hate Bill Gates. I would venture it is a little of both.
  • M$ stuff is just plain junk. 2000 was said to be stable and safe. haha. i really hope people who run servers take a hard look at this, with M$'s record, linux is a better choice. M$ puts out soo many patches, you can bet their are more demons waiting to be exploted. I supose I must live in a cave, M$ just smells bad.
  • Well, Honeslty I don't know who this company that caches page but, I see 2 advantages to this.
    1) M$ doesn't have to pay for as much bandwith.
    2) Microsoft is protected from a direct attack.
    Now honestly if I were this company, I would have cut M$ off for abusing the system.

    I have been wating for this day, that the reply from Microsoft is a UNIX or a BSD base. Honestly we all know windows is weak on security, probably are vulnerable still to some of there own known attacks.

    I only see one reason for routing through a system you down own when ya obviously have the bandwith, your fearing a direct access attempt.(lets face it crackers/script kiddies arn't to bright, they use domain names, instead of ip#'s or a combination of the two, to attack a system, this will send all attacks to the cache server instead of the M$ servers, protecting them, allowign transactions to compleat w/o most users knowing they are using a cache system, or noticing a server failure should one occure.