[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Long WebDAV request

Posted on 2004-10-26
14
Medium Priority
?
285 Views
Last Modified: 2013-12-04
Accessing a site that is hosted by a third party generates a Long WebDAV request, and we are locked out of the hosts IDS for 15 minutes. This can happen if we are accessing with a browser, or performing various maintenance updates to the site with FrontPage.

Is there "ANY OTHER" reason for this, besides me having a virus on my system? I have run a full scan in Safe Mode with Ad-Aware and found nothing, but the host is still telling me it's a virus and there's nothing they can do.

Thanks,
Sean
0
Comment
Question by:seanpowell
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5
  • 2
14 Comments
 
LVL 12

Expert Comment

by:alandc
ID: 12415425
Ad-aware is not a virus checker. It's a spyware checker.  Does the host tell you which virus it is.
Try running a virus checker on your machine.  

http://housecall.trendmicro.com/housecall/start_corp.asp
http://www.ravantivirus.com/scan/

Several are free.  There are even some full versions that are free for home users.

http://www.grisoft.com/us/us_dwnl_free.php
0
 
LVL 31

Author Comment

by:seanpowell
ID: 12415585
I have Norton AV Pro 2004, it didn't find anything either.

The host said something on my machine is hijacking packets and creating this so-called "long webdav request".

Personally I'm starting to think there's a problem with their IDS and Frontpage, but I can't find any references online to such a conflict.

Sean
0
 
LVL 12

Expert Comment

by:alandc
ID: 12415758
Sorry, miscommunication.

Well, it does exist .. "long webdav req."
http://www.osvdb.org/displayvuln.php?osvdb_id=5633
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 12

Accepted Solution

by:
alandc earned 1600 total points
ID: 12415768
0
 
LVL 12

Expert Comment

by:alandc
ID: 12415787
Maybe you need to patch your own machine IIS.  It looks like this can be an issue if it is installed even if it isn't running.  Since you've got Frontpage installed likely this is a developers box.  Try updating it like it was a production (web) server.

http://www.frame4.com/php/printout468.html
0
 
LVL 31

Author Comment

by:seanpowell
ID: 12415856
I was just about to post that the problem must be with my IIS, and not theirs, as I had seen those kb articles.

I "did not" find your latest link - so wth baited breath, I will return :-)
0
 
LVL 31

Author Comment

by:seanpowell
ID: 12415888
Question:

      
Windows XP Security Patch: IIS Remote Exploit from ntdll.dll Vulnerability
This update addresses the vulnerability addressed in Knowledge Base Article 815021....
A more recent critical security update is now available. To find the latest security releases for you visit Windows Update and click "Scan for updates."

Since windows update shows I'm fully patched, is there any harm in downloading this one as well ?

Sean

( Sorry - I always look before I leap )
0
 
LVL 12

Expert Comment

by:alandc
ID: 12416497
0
 
LVL 31

Author Comment

by:seanpowell
ID: 12417033
Downloaded the tool - and nothing's easy :-)

It keeps telling me Computer not found. I've tried every IP I can think of... Basically I have a broadband connection through Bell.

Sean
0
 
LVL 31

Author Comment

by:seanpowell
ID: 12417063
When I open it up, this is what's in the computer name box:

\*error*
0
 
LVL 14

Assisted Solution

by:alimu
alimu earned 400 total points
ID: 12418755
I had the same problem with one of our development web servers - IDS was detecting frontpage connections to a development website as attacks.... haven't found a solution yet other than not running IDS and frontpage extensions on the same server (no big deal for us since it's all internal).  Could that be your problem perhaps?  IDS was blackice..
0
 
LVL 31

Author Comment

by:seanpowell
ID: 12420897
Well that is good news, in an odd sort of way. It leads me to believe the problem is not on our end.

I wish I could find some documentation to back me up on this, or at least a reason why an IDS would see those connections as volatile :-)

Sean
0
 
LVL 31

Author Comment

by:seanpowell
ID: 12426919
IIS reported an error with something to do with a Timer when they ran an extensions check.
It looks like we're clean.

There are some good comments here though :-)

Sean
0
 
LVL 14

Expert Comment

by:alimu
ID: 12428446
Check your sharepoint timer service is running (that's prob where the timer error came from).
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
Please read the paragraph below before following the instructions in the video — there are important caveats in the paragraph that I did not mention in the video. If your PaperPort 12 or PaperPort 14 is failing to start, or crashing, or hanging, …
This lesson discusses how to use a Mainform + Subforms in Microsoft Access to find and enter data for payments on orders. The sample data comes from a custom shop that builds and sells movable storage structures that are delivered to your property. …
Suggested Courses

650 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question