Looking at my Netscape error log on my web servers recently I have found several entries that look like this: [08/Apr/1998:08:07:07] config: for host *blah* trying to POST /_vti_bin/shtml.exe/_vti_rpc, handle-processed reports: no way to service request for /_vti_bin/shtml.exe/_vti_rpc Host name removed to protect the -apparently- innocent The file being posted here is the M$ control file for servers managed by "FrontPage." In the beginning I thought these were all attempts to "take over" my server by placing a hacked version of the software in my server. Since we don't run NT or 95, for obvious reasons, I was somewhat surprised by the frequency of such brain dead attacks and even more surprised that it might work. Recently I have learned that the M$ software itself attempts to POST to this file if you attempt to "verify off site links" on a server managed by this software. IN-other-words, every time you attempt to verify links to other servers on your M$ managed http server, that server will ASSUME that every one is a M$ managed server and add yet another error entry to their error file. I have notified M$ -as expected No response- lev@ _/_/_/_/ _/_/_/_/ _/_/_/_/ _/ _/_/_/ searchmaster@ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/_/_/_/ _/_/_/_/ _/ _/_/_/ .com _/_/_/_/ _/ _/ _/ _/ _/ _/ _/ _/ _/_/_/ _/_/_/
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:50:58 PDT