Solved

This page can't be displayed

Posted on 2016-08-11
12
37 Views
Last Modified: 2016-08-26
I have a company hosting a remote thing, see pic, on their 2003 server.
Internal web siteThey have accessed this for years.  All of a sudden almost no one can access it.
We get a This page can't be displayed error.
Everyone can hit it on site... we've only found one person who can hit it off site.
Tracert shows:
C:\Windows\System32>tracert somewebsite.com

Tracing route to somewebsite.com [71.102.216.74]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  10.1.1.1
  2     2 ms     1 ms     1 ms  173.65.15.1
  3     4 ms     6 ms     6 ms  172.99.50.104
  4     *        *        *     Request timed out.
  5     3 ms     3 ms     3 ms  static-71-102-216-74.tampfl.fios.frontiernet.net
 [71.102.216.74]

Trace complete.

C:\Windows\System32>

Open in new window

It was last accessed on a Friday, the server went down Saturday (power outage) and Monday is when the issue was discovered.

It is used by people to remote into their computers from home.

Thoughts?
0
Comment
Question by:classnet
  • 6
  • 3
  • 3
12 Comments
 
LVL 32

Expert Comment

by:it_saige
ID: 41752326
Understanding that somewebsite.com is a placeholder for the actuall domain name:

Is somewebsite.com registered on an external DNS server?  Has the registration lapsed?

Assuming that it is registered and that the registration is current (and all associated HOST and ALIAS records are correct).

Have you checked the firewall at the client location to ensure that HTTPS is forwarding to the internal IP of the 2003 server?  The traceroute only means that ICMP is being blocked or not responding.

-saige-
0
 

Author Comment

by:classnet
ID: 41752347
it_saige, You are correct about the placeholder.

Site name is good until 2019.

Firewall is good too.

I just tried it on another computer and got a "HTTP Error 403.6 - Forbidden: IP address of the client has been rejected." error instead of the generic error.

IIS looks good....
0
 
LVL 32

Expert Comment

by:it_saige
ID: 41752358
Just wanted to be certain about the firewall as you mentioned there was a power outage; e.g. - The IP address of the server changed as a result of...

The 403.6 error is generally caused by the configuration of IP Address and Domain Name Restrictions:

https://support.microsoft.com/en-us/kb/248043

-saige-
0
 
LVL 32

Expert Comment

by:sarabande
ID: 41752382
Windows Small Business Server 2003 is no longer supported by Microsoft since July last year.

that means it is a good chance that it was hacked by malicious software for example by exploiting one of the various security leaks which no longer were fixed by MS,

your screenshot shows a certificate error what either means that the clients trying to access the server fail by certificate validation. or (more likely) the Server no longer is capable to validate newer certificates from client. the latter would explain why some computers still could access the server.

actually, it is already too late for migrating to a higher server sersion. you need to isolate the Server and try to backup the data.

Sara
0
 

Author Comment

by:classnet
ID: 41752385
No... everything looks good.  The server IP is static and did not change.

I don't understand the one rogue offsite laptop that can remote in.
0
 
LVL 32

Expert Comment

by:it_saige
ID: 41752407
The mention of that one client is why I was asking about the external DNS.  This really does present itself more like a DNS translation issue than anything else.  Can the client that is able to connect perform a successful tracert?  If so, I would check the firewall to make sure that it does not have any blocking rules.  I would also contact the ISP to have them test their router to ensure it is up to snuff.

-saige-
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:classnet
ID: 41757683
Both clients can tracert.  Both are using IE11.
0
 

Author Comment

by:classnet
ID: 41759163
sarabande... I don't think the server was hacked... every other computer can access this site.
0
 
LVL 32

Expert Comment

by:sarabande
ID: 41759423
a server which was hacked mostly was used as a bot server. in those cases, the malware would not do any harm to the network but try to remain undetected as long as possible. check for suspicious activity when the server actually should be idle.

the server not necessarily was hacked. but it is a high risk because newer security leaks are no longer fixed and malware systematically are scanning for servers which could be hijacked using those hidden doors.

you can check your server by anti malware tools (for example see https://www.techsupportall.com/best-free-effective-anti-malware-software/)

if it is clean, you should try to upgrade as soon as possible.

Sara
0
 

Accepted Solution

by:
classnet earned 0 total points
ID: 41764244
Finally found the solution!
We use ESET NOD32 Antivirus.  In their latest version NOD32 will block users from going to sites with invalid SSL certs.

Had to open NOD32 and press F5 (advanced mode) and disable SSL/TLS Protocol Filtering.  Could not figure out a way to add exceptions.
Disable SSL/TLS filtering
0
 
LVL 32

Expert Comment

by:sarabande
ID: 41768594
In their latest version NOD32 will block users from going to sites with invalid SSL certs.
i strongly recommend to not ignoring serious warnings that your network is going to become more and more  vulnerable to malware.

the current issues should be understood as a warning rather than an annoyance.

Sara
0
 

Author Closing Comment

by:classnet
ID: 41771439
Solved myself
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
Google currently has a new report that is in beta and coming soon to Webmaster Tool accounts. This Micro Tutorial will highlight new features for Google Webmaster Tools.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

26 Experts available now in Live!

Get 1:1 Help Now