Re: Additional http Requests for Deafult Home Page

From: Bernard (qbernard_at_hotmail.com)
Date: 07/29/03 

Date: Tue, 29 Jul 2003 11:07:28 +0800

I don't quite get you. what's the version of IIS ?
you need to log more field/info in the log file, e.g. status, username

what's the default pagename ?? 

-- 
Regards,
Bernard Cheah
http://support.microsoft.com/
Please respond to newsgroups only ...
"Betty Chan" <betty.chan@sickkids.ca> wrote in message
news:04c901c35548$0951d4f0$a101280a@phx.gbl...
> Hi Everybody,
> I administrator a intranet web site. I found that there
> are IE 6 (on Windows 98 or 2000) that sending out extra
> requests for default home page. These extra requests are
> transparent to the users, but seen on the IIS log. e.g.
> 14:41:31 xxx.20.135.181 - GET /queries/loginDlog.cfm
> 14:41:31 xxx.20.135.181 - GET /index.cfm
> 14:41:31 xxx.20.135.181 - GET /index.cfm
> 14:41:36 xxx.20.135.181 - POST /queries/loginDlog.cfm
> 14:41:36 xxx.20.135.181 - GET /index.cfm
> 14:41:46 xxx.20.135.181 -
> POST /queries/Pathology/PATHPatientShow.CFM
> 14:41:46 xxx.20.135.181 - GET /index.cfm
> 14:41:55 xxx.20.135.181 -
> GET /queries/Pathology/PATHPatientRslts.cfm
> 14:41:55 xxx.20.135.181 - GET /index.cfm
> 14:42:21 xxx.20.135.181 -
> GET /queries/Pathology/PATHPatientRslts.cfm
> 14:42:21 xxx.20.135.181 - GET /index.cfm
>
> In this example, the default home page is /index.cfm. But
> it can be /default.htm.
>
> Are these PCs got infected with some sort of virus?
> Anybody see this strange behavior before?
>
> Thanks
> Betty

Relevant Pages

  • Re: [PHP] Authentication
    ... If memory doesn't fail me, if you work with IIS and protect the source pages of the application so that IUSR_xxxxx doesn't have access to those files and instead grant access to the NT users or groups which you want, the IIS when working with IE clients will take care of that as long as they are all in the same domain. ... I did it with IIS 3 and IE4 and it worked, I am not completely sure about the details, but it is something you do in the server administration and you don't need to do any programming at all, if the person reaches the page it is because it is who he says it is. ... Otherwise, no browser will give you access to any sensitive information on the client machine, nothing that someone, anyone, might pick on the server side just by receiving a page request. ... If you can find a JavaScript function to snoop the username, ...
    (php.general)
  • RE: IIS 4 Security
    ... > Subject: IIS 4 Security ... > password protected web site is hosted using IIS 4 w/o ... > username and password. ... I would probably exploit 'Malformed HTR Request', ...
    (Focus-Microsoft)
  • Re: identify disabled users and bad bad passwords
    ... which probably related to dynamic scripting, etc, hence IIS only ... >> the w3c extended iis log format. ... >> Bernard Cheah ... >>> The system takes both disabled accounts and bad username and password ...
    (microsoft.public.inetserver.iis.security)
  • Re: Integrated Windows Authentication
    ... > Yes the IIS is part of a domain... ... > The error is just access denied in the browser after 3 attempts at putting ... > in the username and password. ... >> Rgds. ...
    (microsoft.public.inetserver.iis.security)
  • Re: security between serving files from a fileshare
    ... Microsoft MVP - Windows Security ... Any other ideas, as I can browse to the file in iis manager, yet I ... When entering username ...
    (microsoft.public.inetserver.iis.security)
Quantcast