Solved

Long WebDAV request

Posted on 2004-10-26
270 Views
Last Modified: 2013-12-04
Accessing a site that is hosted by a third party generates a Long WebDAV request, and we are locked out of the hosts IDS for 15 minutes. This can happen if we are accessing with a browser, or performing various maintenance updates to the site with FrontPage.

Is there "ANY OTHER" reason for this, besides me having a virus on my system? I have run a full scan in Safe Mode with Ad-Aware and found nothing, but the host is still telling me it's a virus and there's nothing they can do.

Thanks,
Sean
0
Question by:seanpowell
    14 Comments
     
    LVL 12

    Expert Comment

    by:alandc
    Ad-aware is not a virus checker. It's a spyware checker.  Does the host tell you which virus it is.
    Try running a virus checker on your machine.  

    http://housecall.trendmicro.com/housecall/start_corp.asp
    http://www.ravantivirus.com/scan/

    Several are free.  There are even some full versions that are free for home users.

    http://www.grisoft.com/us/us_dwnl_free.php
    0
     
    LVL 31

    Author Comment

    by:seanpowell
    I have Norton AV Pro 2004, it didn't find anything either.

    The host said something on my machine is hijacking packets and creating this so-called "long webdav request".

    Personally I'm starting to think there's a problem with their IDS and Frontpage, but I can't find any references online to such a conflict.

    Sean
    0
     
    LVL 12

    Expert Comment

    by:alandc
    Sorry, miscommunication.

    Well, it does exist .. "long webdav req."
    http://www.osvdb.org/displayvuln.php?osvdb_id=5633
    0
     
    LVL 12

    Accepted Solution

    by:
    0
     
    LVL 12

    Expert Comment

    by:alandc
    Maybe you need to patch your own machine IIS.  It looks like this can be an issue if it is installed even if it isn't running.  Since you've got Frontpage installed likely this is a developers box.  Try updating it like it was a production (web) server.

    http://www.frame4.com/php/printout468.html
    0
     
    LVL 31

    Author Comment

    by:seanpowell
    I was just about to post that the problem must be with my IIS, and not theirs, as I had seen those kb articles.

    I "did not" find your latest link - so wth baited breath, I will return :-)
    0
     
    LVL 31

    Author Comment

    by:seanpowell
    Question:

          
    Windows XP Security Patch: IIS Remote Exploit from ntdll.dll Vulnerability
    This update addresses the vulnerability addressed in Knowledge Base Article 815021....
    A more recent critical security update is now available. To find the latest security releases for you visit Windows Update and click "Scan for updates."

    Since windows update shows I'm fully patched, is there any harm in downloading this one as well ?

    Sean

    ( Sorry - I always look before I leap )
    0
     
    LVL 12

    Expert Comment

    by:alandc
    0
     
    LVL 31

    Author Comment

    by:seanpowell
    Downloaded the tool - and nothing's easy :-)

    It keeps telling me Computer not found. I've tried every IP I can think of... Basically I have a broadband connection through Bell.

    Sean
    0
     
    LVL 31

    Author Comment

    by:seanpowell
    When I open it up, this is what's in the computer name box:

    \*error*
    0
     
    LVL 14

    Assisted Solution

    by:alimu
    I had the same problem with one of our development web servers - IDS was detecting frontpage connections to a development website as attacks.... haven't found a solution yet other than not running IDS and frontpage extensions on the same server (no big deal for us since it's all internal).  Could that be your problem perhaps?  IDS was blackice..
    0
     
    LVL 31

    Author Comment

    by:seanpowell
    Well that is good news, in an odd sort of way. It leads me to believe the problem is not on our end.

    I wish I could find some documentation to back me up on this, or at least a reason why an IDS would see those connections as volatile :-)

    Sean
    0
     
    LVL 31

    Author Comment

    by:seanpowell
    IIS reported an error with something to do with a Timer when they ran an extensions check.
    It looks like we're clean.

    There are some good comments here though :-)

    Sean
    0
     
    LVL 14

    Expert Comment

    by:alimu
    Check your sharepoint timer service is running (that's prob where the timer error came from).
    0

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Highfive + Dolby Voice = No More Audio Complaints!

    Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

    In today's information driven age, entrepreneurs have so many great tools and options at their disposal to help turn good ideas into a thriving business. With cloud-based online services, such as Amazon's Web Services (AWS) or Microsoft's Azure, bus…
    Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
    Hi everyone! This is Experts Exchange customer support.  This quick video will show you how to change your primary email address.  If you have any questions, then please Write a Comment below!
    Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

    884 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now