trippa666au


Cannot run .exe on IIS server to see trend management console

Hi

We have just installed Trend Worry-Free Business Security Advanced onto a Windows 2000 SBS.

Installation worked fine and the Trend client on the server works fine, but there is a problem with IIS.
Don't think it's a Trend problem, as the previous antivirus program had the same problem not accessing the web-based interface.

I cannot access the Security dashboard.
https://server.domain.local:4343/SMB/console/html/cgi/cgiChkMasterPwd.exe

It comes up with a 404 error. File not found

I can list the directory
https://server.domain.local:4343/SMB/console/html/cgi/
and the file is there
I can also display a test .html page from this address.

I have script and executables permissions all set.

1. Could this be a problem with ASP of .NET or whatever engine runs the CGI or .exe?
2. Would reinstalling IIS resolve anything? Does reinstalling IIS affect Exchange at all?
3. Are there any services I should be looking at ?

Help greatly appreciated
Gary Davis

In IIS you need to explicitly allow exe execution otherwise IIS will just execute scripts only.
I hope this snapshot helps

Picture-1.png
trippa666au

ASKER

Thanks for the reply but I already have executables permission set.

Any other suggestions ?
SOLUTION
Sudhirchauhan3
Can you check and see if there are any logfiles in the following directory:

c:\windows\system32\inetsrv\urlscan\logs

If so, open one up and see if urlscan is denying access to the EXE request.

Dave Dietz
OK Dave, you might be onto something here. This is a log saying .exe disallowed.
How do I fix that?


[08-06-2008 - 00:37:17] ---------------- Initializing UrlScan.log ----------------
[08-06-2008 - 00:37:17] -- Filter initialization time: [08-04-2008 - 21:01:58]  --
[08-06-2008 - 00:37:17] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqOpp.exe'
[08-06-2008 - 00:37:17] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqOpp.exe'
[08-06-2008 - 00:37:17] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqINI.exe'
[08-06-2008 - 00:37:17] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqINI.exe'
[08-06-2008 - 00:37:17] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqINI.exe'
[08-06-2008 - 00:37:17] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqINI.exe'
[08-06-2008 - 00:37:17] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqINI.exe'
[08-06-2008 - 00:37:17] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqINI.exe'
[08-06-2008 - 00:38:21] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqINI.exe'
[08-06-2008 - 00:38:21] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqINI.exe'
[08-06-2008 - 00:43:35] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnUpdate.exe'
[08-06-2008 - 00:43:35] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnUpdate.exe'
[08-06-2008 - 00:43:36] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnUpdate.exe'
[08-06-2008 - 00:43:36] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnUpdate.exe'
[08-06-2008 - 02:30:20] Client at 125.224.197.243: Sent verb 'CONNECT', which is not specifically allowed. Request will be rejected.
[08-06-2008 - 04:52:34] Client at 125.224.197.243: Sent verb 'CONNECT', which is not specifically allowed. Request will be rejected.
[08-06-2008 - 07:15:32] Client at 125.224.197.243: Sent verb 'CONNECT', which is not specifically allowed. Request will be rejected.
[08-06-2008 - 08:39:26] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqOpp.exe'
[08-06-2008 - 08:39:26] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqOpp.exe'
[08-06-2008 - 08:39:26] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqINI.exe'
[08-06-2008 - 08:39:26] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqINI.exe'
[08-06-2008 - 08:39:26] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqINI.exe'
[08-06-2008 - 08:39:26] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqINI.exe'
[08-06-2008 - 08:39:26] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqINI.exe'
[08-06-2008 - 08:39:26] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqINI.exe'
[08-06-2008 - 08:40:32] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqINI.exe'
[08-06-2008 - 08:40:32] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqINI.exe'
[08-06-2008 - 08:46:05] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnUpdate.exe'
[08-06-2008 - 08:46:05] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnUpdate.exe'
[08-06-2008 - 08:46:06] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnUpdate.exe'
[08-06-2008 - 08:46:06] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnUpdate.exe'
[08-06-2008 - 08:55:33] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/SMB/console/html/cgi/cgiChkMasterPwd.exe'
[08-06-2008 - 08:57:19] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/SMB/console/html/cgi/cgiChkMasterPwd.exe'
[08-06-2008 - 09:39:10] Client at 125.224.197.243: Sent verb 'CONNECT', which is not specifically allowed. Request will be rejected.
[08-06-2008 - 12:02:16] Client at 125.224.197.243: Sent verb 'CONNECT', which is not specifically allowed. Request will be rejected.
[08-06-2008 - 13:39:04] ---------------- Initializing UrlScan.log ----------------
[08-06-2008 - 13:39:04] -- Filter initialization time: [08-06-2008 - 13:39:04]  --
[08-06-2008 - 13:39:04] ---------------- UrlScan.dll Initializing ----------------
[08-06-2008 - 13:39:05] UrlScan will return the following URL for rejected requests: "/<Rejected-By-UrlScan>"
[08-06-2008 - 13:39:05] URLs will be normalized before analysis.
[08-06-2008 - 13:39:05] URL normalization will be verified.
[08-06-2008 - 13:39:05] URLs may contain OEM, international and UTF-8 characters.
[08-06-2008 - 13:39:05] Only the following verbs will be allowed (case sensitive):
[08-06-2008 - 13:39:05]       'GET'
[08-06-2008 - 13:39:05]       'HEAD'
[08-06-2008 - 13:39:05]       'POST'
[08-06-2008 - 13:39:05]       'OPTIONS'
[08-06-2008 - 13:39:05]       'SEARCH'
[08-06-2008 - 13:39:05]       'POLL'
[08-06-2008 - 13:39:05]       'PROPFIND'
[08-06-2008 - 13:39:05]       'BMOVE'
[08-06-2008 - 13:39:05]       'BCOPY'
[08-06-2008 - 13:39:05]       'SUBSCRIBE'
[08-06-2008 - 13:39:05]       'MOVE'
[08-06-2008 - 13:39:05]       'PROPPATCH'
[08-06-2008 - 13:39:05]       'BPROPPATCH'
[08-06-2008 - 13:39:05]       'DELETE'
[08-06-2008 - 13:39:05]       'BDELETE'
[08-06-2008 - 13:39:05]       'MKCOL'
[08-06-2008 - 13:39:05]       'UNSUBSCRIBE'
[08-06-2008 - 13:39:05]       'SUBSCRIPTIONS'
[08-06-2008 - 13:39:05]       'COPY'
[08-06-2008 - 13:39:05]       'LOCK'
[08-06-2008 - 13:39:05]       'UNLOCK'
[08-06-2008 - 13:39:05]       'PUT'
[08-06-2008 - 13:39:05]       'ACL'
[08-06-2008 - 13:39:05]       'NOTIFY'
[08-06-2008 - 13:39:05] Requests for following extensions will be rejected:
[08-06-2008 - 13:39:05]       '.exe'
[08-06-2008 - 13:39:05]       '.bat'
[08-06-2008 - 13:39:05]       '.cmd'
[08-06-2008 - 13:39:05]       '.com'
[08-06-2008 - 13:39:05]       '.htr'
[08-06-2008 - 13:39:05]       '.idc'
[08-06-2008 - 13:39:05]       '.shtm'
[08-06-2008 - 13:39:05]       '.shtml'
[08-06-2008 - 13:39:05]       '.stm'
[08-06-2008 - 13:39:05]       '.printer'
[08-06-2008 - 13:39:05]       '.ini'
[08-06-2008 - 13:39:05]       '.log'
[08-06-2008 - 13:39:05]       '.pol'
[08-06-2008 - 13:39:05]       '.dat'
[08-06-2008 - 13:39:05] Requests containing the following character sequences will be rejected:
[08-06-2008 - 13:39:05]       '..'
[08-06-2008 - 13:39:05]       './'
[08-06-2008 - 13:39:05]       '\'
[08-06-2008 - 13:39:05]       '%'
[08-06-2008 - 13:39:05]       '&'
[08-06-2008 - 13:39:05]       'root.exe'
[08-06-2008 - 13:39:48] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnUpdate.exe'
[08-06-2008 - 13:39:48] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqHotFix.exe'
[08-06-2008 - 13:39:49] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnUpdate.exe'
[08-06-2008 - 13:39:49] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqHotFix.exe'
[08-06-2008 - 13:39:50] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnUpdate.exe'
[08-06-2008 - 13:39:50] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnUpdate.exe'
[08-06-2008 - 13:39:54] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnStart.exe'
[08-06-2008 - 13:39:54] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnStart.exe'
[08-06-2008 - 13:40:16] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnStart.exe'
[08-06-2008 - 13:40:16] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnStart.exe'
[08-06-2008 - 13:40:22] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnStart.exe'
[08-06-2008 - 13:40:22] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnStart.exe'
[08-06-2008 - 13:40:46] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnStart.exe'
[08-06-2008 - 13:40:46] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnStart.exe'
[08-06-2008 - 13:41:07] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnUpdate.exe'
[08-06-2008 - 13:41:07] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnUpdate.exe'
[08-06-2008 - 13:41:08] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnUpdate.exe'
[08-06-2008 - 13:41:08] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnUpdate.exe'
[08-06-2008 - 13:41:17] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnStart.exe'
[08-06-2008 - 13:41:17] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnStart.exe'
[08-06-2008 - 13:43:13] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnStart.exe'
[08-06-2008 - 13:43:13] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnStart.exe'
[08-06-2008 - 13:46:46] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnStart.exe'
[08-06-2008 - 13:46:46] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnStart.exe'
[08-06-2008 - 13:47:53] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnStart.exe'
[08-06-2008 - 13:47:53] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnStart.exe'
[08-06-2008 - 13:52:24] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnStart.exe'
[08-06-2008 - 13:52:24] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnStart.exe'
[08-06-2008 - 14:24:06] Client at 125.224.197.243: Sent verb 'CONNECT', which is not specifically allowed. Request will be rejected.
[08-06-2008 - 14:38:51] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnUpdate.exe'
[08-06-2008 - 14:38:51] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnUpdate.exe'
[08-06-2008 - 14:38:52] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnUpdate.exe'
[08-06-2008 - 14:38:52] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiOnUpdate.exe'
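
A log like the one above is easier to act on once the rejections are grouped by rule, URL and client. The following is an added example, not part of the original thread: it parses the UrlScan.log line format shown in the post, and its sample input is constructed (203.0.113.7 is a documentation address standing in for an external client).

```python
import re
from collections import Counter

# Constructed sample in the UrlScan.log format pasted above.
SAMPLE_LOG = """\
[08-06-2008 - 13:39:04] ---------------- Initializing UrlScan.log ----------------
[08-06-2008 - 13:39:05]       '.exe'
[08-06-2008 - 13:39:48] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqOpp.exe'
[08-06-2008 - 13:39:49] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqINI.exe'
[08-06-2008 - 13:39:49] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/officescan/cgi/cgiRqINI.exe'
[08-06-2008 - 14:24:06] Client at 203.0.113.7: Sent verb 'CONNECT', which is not specifically allowed. Request will be rejected.
[08-06-2008 - 14:38:51] Client at 10.0.0.2: URL contains extension '.exe', which is disallowed. Request will be rejected.  Site Instance='3', Raw URL='/SMB/console/html/cgi/cgiChkMasterPwd.exe'
"""

LINE = re.compile(r"^\[(?P<ts>[^\]]+)\] Client at (?P<ip>[0-9.]+): (?P<msg>.*)$")
EXT = re.compile(r"URL contains extension '(?P<ext>[^']+)', which is disallowed")
VERB = re.compile(r"Sent verb '(?P<verb>[^']+)', which is not specifically allowed")
RAW = re.compile(r"Raw URL='(?P<url>[^']*)'")


def parse_rejections(text):
    """Return one dict per rejected request; banner and config lines are skipped."""
    rejections = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # initialization banner or dumped configuration
        msg = m["msg"]
        ext, verb, raw = EXT.search(msg), VERB.search(msg), RAW.search(msg)
        if ext:
            kind, detail = "extension", ext["ext"]
        elif verb:
            kind, detail = "verb", verb["verb"]
        else:
            continue  # a rejection type this example does not model
        rejections.append({
            "time": m["ts"], "client": m["ip"], "kind": kind,
            "detail": detail, "url": raw["url"] if raw else None,
        })
    return rejections


def summarize(rejections):
    """Count rejections by (rule kind, value), by raw URL and by client address."""
    return {
        "by_rule": Counter((r["kind"], r["detail"]) for r in rejections),
        "by_url": Counter(r["url"] for r in rejections if r["url"]),
        "by_client": Counter(r["client"] for r in rejections),
    }


if __name__ == "__main__":
    summary = summarize(parse_rejections(SAMPLE_LOG))
    for name, counts in summary.items():
        print(name)
        for key, n in counts.most_common():
            print(f"  {n:3d}  {key}")
```

The per-URL counts show which legitimate CGI requests a deny rule is breaking, while the per-client view separates those from unrelated rejections such as the CONNECT attempts.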


ASKER CERTIFIED SOLUTION
Also Sudhirchauhan3, I tried a sample ASP file and it seemed to work fine.

I will try Dave's solution this afternoon and see if that works

Can I allow .exe only for the trend AV console pages ?? Are there security risks allowing this globally ?

Thanks
>>Can I allow .exe only for the trend AV console pages ?

No.  With URLScan it is an all or nothing proposition when dealing with Disallow Extensions.

>>Are there security risks allowing this globally ?

As long as you don't allow other EXE files to exist in your web content directories there isn't much additional risk.

Dave Dietz
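
The condition in the answer above (no other EXE files in the web content directories) can be checked with a periodic inventory. This is an added example, not part of the original thread: the function name, the allowlist and the assumption that URL paths map directly onto one content root are illustrative, and the extension set is the executable subset of the deny list shown in the log.

```python
import os

# Executable extensions taken from the UrlScan deny list in the log above.
EXECUTABLE_EXTS = {".exe", ".bat", ".cmd", ".com"}


def find_unexpected_executables(web_root, expected):
    """Return sorted URL-style paths of executables under web_root that are
    not in `expected` (an allowlist of URL paths, compared case-insensitively
    because IIS paths are case-insensitive)."""
    expected_norm = {p.lower() for p in expected}
    unexpected = []
    for dirpath, _dirs, files in os.walk(web_root):
        for name in files:
            if os.path.splitext(name)[1].lower() not in EXECUTABLE_EXTS:
                continue
            rel = os.path.relpath(os.path.join(dirpath, name), web_root)
            url_path = "/" + rel.replace(os.sep, "/")
            if url_path.lower() not in expected_norm:
                unexpected.append(url_path)
    return sorted(unexpected)


if __name__ == "__main__":
    # Hypothetical content root and allowlist; replace with the site's own.
    allow = {
        "/officescan/cgi/cgiRqINI.exe",
        "/SMB/console/html/cgi/cgiChkMasterPwd.exe",
    }
    for path in find_unexpected_executables(r"C:\Inetpub\wwwroot", allow):
        print("unexpected executable:", path)
```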
Ok making some progress here.

After allowing .exe files within the urlscan.ini file I can now bring up the Trend login page.
Thanks Dave for that one.

However, now when I go to log in it says ActiveX is not installed on the browser (IE 6).

After trying a site online that uses ActiveX, it does appear ActiveX is not working. I have security settings in IE set to allow all ActiveX and JavaScript. No options come up to allow ActiveX scripts to run.

Is this another lockdown on Server 2000 SBS or something else?

Thanks again
Thanks guys. I will post the ActiveX problem separately. If you know the answer however let me know.
I ran into the problem with the ActiveX controls not running. I stopped all the Trend Micro services then unregistered the following files:

C:\Program Files\Trend Micro\Security Server\PCCSRV\Web_console\HTML>regsvr32 /u AtxEnc.dll

C:\Program Files\Trend Micro\Security Server\PCCSRV\Web_console\HTML>regsvr32 /u AtxConsole.ocx

C:\Program Files\Trend Micro\Security Server\PCCSRV\Web_console\HTML>regsvr32 /u AtxPie.dll

C:\Program Files\Trend Micro\Security Server\PCCSRV\Web_console\HTML>regsvr32 /u AtxSmexInst.ocx

From there I extracted these files from their corresponding cab files, overwrote them, then registered them:
C:\Program Files\Trend Micro\Security Server\PCCSRV\Web_console\HTML>regsvr32 AtxEnc.dll

C:\Program Files\Trend Micro\Security Server\PCCSRV\Web_console\HTML>regsvr32 AtxConsole.ocx

C:\Program Files\Trend Micro\Security Server\PCCSRV\Web_console\HTML>regsvr32 AtxPie.dll

C:\Program Files\Trend Micro\Security Server\PCCSRV\Web_console\HTML>regsvr32  AtxSmexInst.ocx

Once I did that, I started all the Trend services and restarted the World Wide Web Publishing Service, cleared my cache and cookies and presto!