Solved

This page can't be displayed

Posted on 2016-08-11
12
53 Views
Last Modified: 2016-08-26
I have a company hosting a remote thing, see pic, on their 2003 server.
Internal web siteThey have accessed this for years.  All of a sudden almost no one can access it.
We get a This page can't be displayed error.
Everyone can hit it on site... we've only found one person who can hit it off site.
Tracert shows:
C:\Windows\System32>tracert somewebsite.com

Tracing route to somewebsite.com [71.102.216.74]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  10.1.1.1
  2     2 ms     1 ms     1 ms  173.65.15.1
  3     4 ms     6 ms     6 ms  172.99.50.104
  4     *        *        *     Request timed out.
  5     3 ms     3 ms     3 ms  static-71-102-216-74.tampfl.fios.frontiernet.net
 [71.102.216.74]

Trace complete.

C:\Windows\System32>

Open in new window

It was last accessed on a Friday, the server went down Saturday (power outage) and Monday is when the issue was discovered.

It is used by people to remote into their computers from home.

Thoughts?
0
Comment
Question by:classnet
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 3
  • 3
12 Comments
 
LVL 34

Expert Comment

by:it_saige
ID: 41752326
Understanding that somewebsite.com is a placeholder for the actuall domain name:

Is somewebsite.com registered on an external DNS server?  Has the registration lapsed?

Assuming that it is registered and that the registration is current (and all associated HOST and ALIAS records are correct).

Have you checked the firewall at the client location to ensure that HTTPS is forwarding to the internal IP of the 2003 server?  The traceroute only means that ICMP is being blocked or not responding.

-saige-
0
 

Author Comment

by:classnet
ID: 41752347
it_saige, You are correct about the placeholder.

Site name is good until 2019.

Firewall is good too.

I just tried it on another computer and got a "HTTP Error 403.6 - Forbidden: IP address of the client has been rejected." error instead of the generic error.

IIS looks good....
0
 
LVL 34

Expert Comment

by:it_saige
ID: 41752358
Just wanted to be certain about the firewall as you mentioned there was a power outage; e.g. - The IP address of the server changed as a result of...

The 403.6 error is generally caused by the configuration of IP Address and Domain Name Restrictions:

https://support.microsoft.com/en-us/kb/248043

-saige-
0
NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

 
LVL 34

Expert Comment

by:sarabande
ID: 41752382
Windows Small Business Server 2003 is no longer supported by Microsoft since July last year.

that means it is a good chance that it was hacked by malicious software for example by exploiting one of the various security leaks which no longer were fixed by MS,

your screenshot shows a certificate error what either means that the clients trying to access the server fail by certificate validation. or (more likely) the Server no longer is capable to validate newer certificates from client. the latter would explain why some computers still could access the server.

actually, it is already too late for migrating to a higher server sersion. you need to isolate the Server and try to backup the data.

Sara
0
 

Author Comment

by:classnet
ID: 41752385
No... everything looks good.  The server IP is static and did not change.

I don't understand the one rogue offsite laptop that can remote in.
0
 
LVL 34

Expert Comment

by:it_saige
ID: 41752407
The mention of that one client is why I was asking about the external DNS.  This really does present itself more like a DNS translation issue than anything else.  Can the client that is able to connect perform a successful tracert?  If so, I would check the firewall to make sure that it does not have any blocking rules.  I would also contact the ISP to have them test their router to ensure it is up to snuff.

-saige-
0
 

Author Comment

by:classnet
ID: 41757683
Both clients can tracert.  Both are using IE11.
0
 

Author Comment

by:classnet
ID: 41759163
sarabande... I don't think the server was hacked... every other computer can access this site.
0
 
LVL 34

Expert Comment

by:sarabande
ID: 41759423
a server which was hacked mostly was used as a bot server. in those cases, the malware would not do any harm to the network but try to remain undetected as long as possible. check for suspicious activity when the server actually should be idle.

the server not necessarily was hacked. but it is a high risk because newer security leaks are no longer fixed and malware systematically are scanning for servers which could be hijacked using those hidden doors.

you can check your server by anti malware tools (for example see https://www.techsupportall.com/best-free-effective-anti-malware-software/)

if it is clean, you should try to upgrade as soon as possible.

Sara
0
 

Accepted Solution

by:
classnet earned 0 total points
ID: 41764244
Finally found the solution!
We use ESET NOD32 Antivirus.  In their latest version NOD32 will block users from going to sites with invalid SSL certs.

Had to open NOD32 and press F5 (advanced mode) and disable SSL/TLS Protocol Filtering.  Could not figure out a way to add exceptions.
Disable SSL/TLS filtering
0
 
LVL 34

Expert Comment

by:sarabande
ID: 41768594
In their latest version NOD32 will block users from going to sites with invalid SSL certs.
i strongly recommend to not ignoring serious warnings that your network is going to become more and more  vulnerable to malware.

the current issues should be understood as a warning rather than an annoyance.

Sara
0
 

Author Closing Comment

by:classnet
ID: 41771439
Solved myself
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
Shows how to create a shortcut to site-search Experts Exchange using Google in the Chrome browser. This eliminates the need to type out site:experts-exchange.com whenever you want to search the site. Launch the Search Engine Menu: In chrome, via you…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question