Re: memory used for inetinfo.exe
From: joe (joe@drkstr.com)
Date: 03/14/03
- Next message: BB: "Re: current setings prohibit running ActiveX controls................"
- Previous message: Stacy: "current setings prohibit running ActiveX controls................"
- In reply to: Karl Levinson [x y] mvp: "Re: memory used for inetinfo.exe"
- Next in thread: cablito@hotmail.com: "Re: memory used for inetinfo.exe"
- Reply: cablito@hotmail.com: "Re: memory used for inetinfo.exe"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "joe" <joe@drkstr.com> Date: Fri, 14 Mar 2003 03:55:57 GMT
I have hardened the server(as much as I know how and from experience). I
check the logs everyday. I think it may be a bad scipt that a customer has.
CPU is very low, about 4%. I just noticed the memory was up to 300 megs
today. Its usually only up to about 120 megs. Half of the sites are stopped
on it. I will have tio investigate further. I like to post these weird
things with IIS here since there have been so many different variety of
things that people have seen with IIS. Thank you very much for the links.
-joe
"Karl Levinson [x y] mvp" <levinson_k@excite.com> wrote in message
news:e0TKdlc6CHA.800@TK2MSFTNGP10.phx.gbl...
> Either your computer has been compromised, or you've got poorly written
> script somewhere that is leaking memory. That's the first thing to deal
> with. [You could have a software or hardware problem, I suppose, but
that's
> not the first thing I would suspect.]
>
> How to tell if your computer has been hacked:
> www.agnitum.com is free antivirus
> http://housecall.antivirus.com is a free one-time antivirus scanner
> [offers no protection, just detection, but no software is installed with
> this]
> http://securityadmin.info/faq.htm#hacked
> http://securityadmin.info/faq.htm#iislogs2
> http://securityadmin.info/faq.htm#iislogs
> [note that nothing shows up in the IIS web log if a worm uses an IIS
buffer
> overflow exploit]
> http://securityadmin.info/faq.htm#sniffer
> http://securityadmin.info/faq.htm#re-secure [if you find evidence of
> intrusion]
>
> If that turns up nothing, then go to www.iisfaq.com or
> www.microsoft.com/support or www.google.com/advanced_group_search or
> www.google.com and search for a way to troubleshoot IIS memory leaks.
>
> I've never heard of anyone clearing IIS memory... and am not aware of a
way
> to do it without restarting the service. It's certainly not the usual way
> to deal with this sort of problem.
>
> As you may know, just installing patches alone does NOT secure your
> computer. If that's all you do, you can still be compromised. You also
> should consider doing this to close other holes:
> http://securityadmin.info/faq.htm#harden
>
> HTH
>
>
> "Telepacific Test Email Account" <joe@telepacific.net> wrote in message
> news:#V4UMFc6CHA.1676@TK2MSFTNGP12.phx.gbl...
> > I need to know what the memory threshold is for the inetinfo.exe service
> is
> > and how to clear the memory used without having to stop and restart
IIS(if
> > its possible to do this). The version is IIS 5.0 sp2 with all hotfixes
and
> > IE 6SP1 with all service packs.The memory is up to 320megs used right
now.
> >
> > There are over 400 virtual sites on this one server. It has Dual PIII
1.2
> > GHZ processors and over 1gig of RAM.
> >
> > Is there also a 3rd party site to force the memory to reuse itself
without
> > having to restart this service or other services.
> >
> > Thanks
> > Joe
> >
> >
>
>
- Next message: BB: "Re: current setings prohibit running ActiveX controls................"
- Previous message: Stacy: "current setings prohibit running ActiveX controls................"
- In reply to: Karl Levinson [x y] mvp: "Re: memory used for inetinfo.exe"
- Next in thread: cablito@hotmail.com: "Re: memory used for inetinfo.exe"
- Reply: cablito@hotmail.com: "Re: memory used for inetinfo.exe"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
