Solved

Web site (stopped) cannot be started - will start if I change port to anything other than 80 - please help

Posted on 2004-08-22
4
2,372 Views
Last Modified: 2012-06-27
Hello all,

My Windows 2003 Server worked fine for months. All of the sudden on Monday the default web site is "stopped" and if I try to start it, I get a message that says that it is being used by another process.

Why is this? we did not make any changes on the computer, there are no weird processes running and there are no viruses. The only thing I noticed is that it will start if I change the port to something other than port 80.

This Windows 2003 server has only 1 web site in it and has only 2 roles enabled (file server and application server), it does not have firewall enabled either. This problem happens even when the server is disconnected from the network.

Thanks,

A.
0
Comment
Question by:theadstudio
  • 2
  • 2
4 Comments
 
LVL 10

Expert Comment

by:jhautani
ID: 11867474
Some other process is using port 80 and if you have not done any changes, I fear that your system has been compromised.
Processes can be hidden, so that they do not show in Task Manager.
You can use TCPView from Sysinternals to find out what process is listening at port 80 and Process Explorer to get detailed information.
TCPView can be downloaded here:
http://www.sysinternals.com/ntw2k/source/tcpview.shtml
and Process Explorer here:
http://www.sysinternals.com/ntw2k/freeware/procexp.shtml

hope this helps
0
 

Author Comment

by:theadstudio
ID: 11871488
I have run both tcpview and process explorer and I did not see anything suspicious, here is the output from both programs, please help:

----------------------------------------------------
Process Explorer:
Process      PID      CPU      Description      Company Name
System Idle Process      0      95            
 Interrupts      n/a            Hardware Interrupts      
 DPCs      n/a            Deferred Procedure Calls      
 System      4                  
  smss.exe      424            Windows NT Session Manager      Microsoft Corporation
   csrss.exe      472            Client Server Runtime Process      Microsoft Corporation
   winlogon.exe      496            Windows NT Logon Application      Microsoft Corporation
    services.exe      540            Services and Controller app      Microsoft Corporation
     svchost.exe      720            Generic Host Process for Win32 Services      Microsoft Corporation
      wmiprvse.exe      2992            WMI      Microsoft Corporation
     svchost.exe      792            Generic Host Process for Win32 Services      Microsoft Corporation
     svchost.exe      992            Generic Host Process for Win32 Services      Microsoft Corporation
     svchost.exe      1020            Generic Host Process for Win32 Services      Microsoft Corporation
     svchost.exe      1040            Generic Host Process for Win32 Services      Microsoft Corporation
     spoolsv.exe      1228            Spooler SubSystem App      Microsoft Corporation
     msdtc.exe      1252            MS DTCconsole program      Microsoft Corporation
     dcevt32.exe      1448            Dell OpenManage Event Monitor      Dell Computer Corporation.
     dcstor32.exe      1472            Dell OpenManage Server Agent      Dell Computer Corporation.
     svchost.exe      1504            Generic Host Process for Win32 Services      Microsoft Corporation
     inetinfo.exe      1544            Internet Information Services      Microsoft Corporation
     sfmsvc.exe      1564            Windows NT Macintosh File Server Service      Microsoft Corporation
     mr2kserv.exe      1584            mr2kserv Module      
     svchost.exe      1616            Generic Host Process for Win32 Services      Microsoft Corporation
     retrorun.exe      1736            Retrospect      Dantz Development Corporation
     RevationServer.exe      1836            RevationServer       
     WebLink.exe      1860            Revation WebLink       
     omaws32.exe      1892            Internet Server NT Service      Dell Computer Corporation
      diagorb.exe      1244                  
     snmp.exe      1916            SNMP Service      Microsoft Corporation
     VxSvc.exe      1936            Volume Manager Service      VERITAS Software Corp.
     dfssvc.exe      2040            Windows NT Distributed File System Service      Microsoft Corporation
     svchost.exe      244            Generic Host Process for Win32 Services      Microsoft Corporation
    lsass.exe      552            LSA Shell      Microsoft Corporation
explorer.exe      2644            Windows Explorer      Microsoft Corporation
 procexp.exe      3868      5      Sysinternals Process Explorer      Sysinternals
Process: System Idle Process Pid: 0

---------------------------------------------------------
Here is the output from TCP view:

diagorb.exe:1244      TCP      poweredge:1035      localhost:1034      ESTABLISHED      
diagorb.exe:1244      TCP      poweredge:1034      localhost:1035      ESTABLISHED      
diagorb.exe:1244      TCP      poweredge:1036      localhost:1037      ESTABLISHED      
diagorb.exe:1244      TCP      poweredge:1034      poweredge:0      LISTENING      
diagorb.exe:1244      TCP      poweredge:1036      poweredge:0      LISTENING      
IEXPLORE.EXE:3756      UDP      poweredge:1073      *:*            
lsass.exe:552      UDP      poweredge:4500      *:*            
lsass.exe:552      UDP      poweredge:isakmp      *:*            
lsass.exe:552      TCP      poweredge:1025      poweredge:0      LISTENING      
msdtc.exe:1252      TCP      poweredge:1027      poweredge:0      LISTENING      
omaws32.exe:1892      TCP      poweredge:1037      localhost:1036      ESTABLISHED      
omaws32.exe:1892      TCP      poweredge:1033      poweredge:0      LISTENING      
omaws32.exe:1892      TCP      poweredge:1311      poweredge:0      LISTENING      
omaws32.exe:1892      TCP      poweredge:8000      poweredge:0      LISTENING      
RevationServer.exe:1836      UDP      poweredge:1028      *:*            
RevationServer.exe:1836      TCP      poweredge:5061      adsl-067-035-079-153.sip.mia.bellsouth.net:3256      ESTABLISHED      
RevationServer.exe:1836      TCP      poweredge:5061      armando:1048      ESTABLISHED      
RevationServer.exe:1836      TCP      poweredge:5061      poweredge:0      LISTENING      
RevationServer.exe:1836      TCP      poweredge:5443      poweredge:0      LISTENING      
RevationServer.exe:1836      TCP      poweredge:8010      poweredge:0      LISTENING      
RevationServer.exe:1836      TCP      poweredge:5061      poweredge:1031      ESTABLISHED      
RevationServer.exe:1836      TCP      poweredge:5061      rolando:1044      ESTABLISHED      
RevationServer.exe:1836      TCP      poweredge:5061      tzeitel:1046      ESTABLISHED      
snmp.exe:1916      UDP      poweredge:snmp      *:*            
svchost.exe:1040      UDP      poweredge:ntp      *:*            
svchost.exe:1040      UDP      poweredge:ntp      *:*            
svchost.exe:1040      TCP      poweredge:1026      poweredge:0      LISTENING      
svchost.exe:720      TCP      poweredge:epmap      poweredge:0      LISTENING      
svchost.exe:792      TCP      poweredge:3389      poweredge:0      LISTENING      
svchost.exe:992      UDP      poweredge:1041      *:*            
svchost.exe:992      UDP      poweredge:1078      *:*            
System:4      UDP      poweredge:microsoft-ds      *:*            
System:4      UDP      poweredge:netbios-dgm      *:*            
System:4      UDP      poweredge:netbios-ns      *:*            
System:4      TCP      poweredge:netbios-ssn      armando:1030      ESTABLISHED      
System:4      TCP      poweredge:548      poweredge:0      LISTENING      
System:4      TCP      poweredge:microsoft-ds      poweredge:0      LISTENING      
System:4      TCP      poweredge:netbios-ssn      poweredge:0      LISTENING      
System:4      TCP      poweredge:netbios-ssn      rolando:1034      ESTABLISHED      
System:4      TCP      poweredge:netbios-ssn      tzeitel:1030      ESTABLISHED      
System:4      TCP      poweredge:netbios-ssn      videodell:1029      ESTABLISHED      
VxSvc.exe:1936      UDP      poweredge:2148      *:*            
WebLink.exe:1860      UDP      poweredge:1029      *:*            
WebLink.exe:1860      TCP      poweredge:http      armando:2755      ESTABLISHED      
WebLink.exe:1860      TCP      poweredge:http      poweredge:0      LISTENING      
WebLink.exe:1860      TCP      poweredge:https      poweredge:0      LISTENING      
WebLink.exe:1860      TCP      poweredge:1031      poweredge:5061      ESTABLISHED      
WebLink.exe:1860      TCP      poweredge:http      tzeitel:1765      ESTABLISHED      
WebLink.exe:1860      TCP      poweredge:http      videodell:1116      ESTABLISHED      
0
 
LVL 10

Accepted Solution

by:
jhautani earned 500 total points
ID: 11871959
>WebLink.exe     1860          Revation WebLink      
You have Revation Server's WebLink using standard http port 80:
>WebLink.exe:1860     TCP     poweredge:http     poweredge:0     LISTENING
and standard SSL port 443:
>WebLink.exe:1860     TCP     poweredge:https     poweredge:0     LISTENING

You have to either configure it to use other ports or configure additional IP address to your server, so that IIS can use the other IP and WebLink the other.
0
 

Author Comment

by:theadstudio
ID: 11872446
You were right!
I spoke to Revation's tech support and indeed additional IPs are the solution.

Problem solved!
0

Featured Post

Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now