[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 289
  • Last Modified:

Long WebDAV request

Accessing a site that is hosted by a third party generates a Long WebDAV request, and we are locked out of the hosts IDS for 15 minutes. This can happen if we are accessing with a browser, or performing various maintenance updates to the site with FrontPage.

Is there "ANY OTHER" reason for this, besides me having a virus on my system? I have run a full scan in Safe Mode with Ad-Aware and found nothing, but the host is still telling me it's a virus and there's nothing they can do.

Thanks,
Sean
0
seanpowell
Asked:
seanpowell
  • 7
  • 5
  • 2
2 Solutions
 
Aland CoonsSystems EngineerCommented:
Ad-aware is not a virus checker. It's a spyware checker.  Does the host tell you which virus it is.
Try running a virus checker on your machine.  

http://housecall.trendmicro.com/housecall/start_corp.asp
http://www.ravantivirus.com/scan/

Several are free.  There are even some full versions that are free for home users.

http://www.grisoft.com/us/us_dwnl_free.php
0
 
seanpowellAuthor Commented:
I have Norton AV Pro 2004, it didn't find anything either.

The host said something on my machine is hijacking packets and creating this so-called "long webdav request".

Personally I'm starting to think there's a problem with their IDS and Frontpage, but I can't find any references online to such a conflict.

Sean
0
 
Aland CoonsSystems EngineerCommented:
Sorry, miscommunication.

Well, it does exist .. "long webdav req."
http://www.osvdb.org/displayvuln.php?osvdb_id=5633
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
Aland CoonsSystems EngineerCommented:
0
 
Aland CoonsSystems EngineerCommented:
Maybe you need to patch your own machine IIS.  It looks like this can be an issue if it is installed even if it isn't running.  Since you've got Frontpage installed likely this is a developers box.  Try updating it like it was a production (web) server.

http://www.frame4.com/php/printout468.html
0
 
seanpowellAuthor Commented:
I was just about to post that the problem must be with my IIS, and not theirs, as I had seen those kb articles.

I "did not" find your latest link - so wth baited breath, I will return :-)
0
 
seanpowellAuthor Commented:
Question:

      
Windows XP Security Patch: IIS Remote Exploit from ntdll.dll Vulnerability
This update addresses the vulnerability addressed in Knowledge Base Article 815021....
A more recent critical security update is now available. To find the latest security releases for you visit Windows Update and click "Scan for updates."

Since windows update shows I'm fully patched, is there any harm in downloading this one as well ?

Sean

( Sorry - I always look before I leap )
0
 
Aland CoonsSystems EngineerCommented:
0
 
seanpowellAuthor Commented:
Downloaded the tool - and nothing's easy :-)

It keeps telling me Computer not found. I've tried every IP I can think of... Basically I have a broadband connection through Bell.

Sean
0
 
seanpowellAuthor Commented:
When I open it up, this is what's in the computer name box:

\*error*
0
 
alimuCommented:
I had the same problem with one of our development web servers - IDS was detecting frontpage connections to a development website as attacks.... haven't found a solution yet other than not running IDS and frontpage extensions on the same server (no big deal for us since it's all internal).  Could that be your problem perhaps?  IDS was blackice..
0
 
seanpowellAuthor Commented:
Well that is good news, in an odd sort of way. It leads me to believe the problem is not on our end.

I wish I could find some documentation to back me up on this, or at least a reason why an IDS would see those connections as volatile :-)

Sean
0
 
seanpowellAuthor Commented:
IIS reported an error with something to do with a Timer when they ran an extensions check.
It looks like we're clean.

There are some good comments here though :-)

Sean
0
 
alimuCommented:
Check your sharepoint timer service is running (that's prob where the timer error came from).
0

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

  • 7
  • 5
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now