Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / Security / July 2004

Tip: Looking for answers? Try searching our database.

HTTP Error 401: Unauthorized

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Eben Jansen van Rensburg - 20 Jul 2004 08:12 GMT
Hi all,

Sorry if you had this one before, but I hope you can help.  I'm running
VS.NET 2003 on a Windows Server 2003 Standard Edition. The server acts
as a Domain Controller and a Web Server. It is purely used for
development.  I should probably not do development on a server but I
need the functionality.

Everytime I want to create a new web project or open an existing one, I
am asked for my username and password. Although the username and
password IS CORRECT, it doesn't autheticate me. And if I cancel the
logon window, I receive a massage that I can't open or create the web
project because the virtual directory and the fisical path need to map
to the same location and I get that dreaded HTTP 401: Unauthorized
error.

How can I prevent being asked a username and password when opening a web
project in VS.NET.  It must be some kind of a security issue. IT IS
DRIVING ME NUTS!

Thanx 4 you're help guys.
Reply to this Message
Jim Cheshire [MSFT] - 20 Jul 2004 15:54 GMT
Hi Eben,

In order to know what is causing this, we need to know the full status
code.  There are many reason for a 401 status code.  It should be 401.#.  
What is the number after the dot?

Jim Cheshire [MSFT]
MCP+I, MCSE, MCSD, MCDBA
Microsoft Developer Support
jamesche@online.microsoft.com

This post is provided "AS-IS" with no warranties and confers no rights.

--------------------
>From:     Eben Jansen van Rensburg <ebenj@proactive-integ.co.za>
>X-Newsreader: AspNNTP 1.50 (ActionJackson.com)
[quoted text clipped - 8 lines]
>Lines: 1        
>Path:
cpmsftngxa06.phx.gbl!TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP12
.phx.gbl
>Xref: cpmsftngxa06.phx.gbl
microsoft.public.dotnet.framework.aspnet.security:10865
>X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
>
[quoted text clipped - 19 lines]
>
>Thanx 4 you're help guys.
Reply to this Message
Mike Schultz - 22 Jul 2004 16:09 GMT
The good news is that I happened upon this thread and subject and it
matches exactly what I've been having problems with.  The bad news is
that I also need help in dealing with the problem.  Please consider that
there's one more person hoping to hear a solution to this.
Reply to this Message
Jim Cheshire [MSFT] - 22 Jul 2004 16:32 GMT
Mike,

In order to determine the cause of any 401, we need to know the full status
code.  

Jim Cheshire [MSFT]
MCP+I, MCSE, MCSD, MCDBA
Microsoft Developer Support
jamesche@online.microsoft.com

This post is provided "AS-IS" with no warranties and confers no rights.

--------------------
>From:     Mike Schultz <aquafoil@comcast.net>
>References: <u2k4AmmbEHA.600@cpmsftngxa06.phx.gbl>
[quoted text clipped - 10 lines]
>Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP12.phx.gbl
>Xref: cpmsftngxa06.phx.gbl
microsoft.public.dotnet.framework.aspnet.security:10910
>X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
>
>The good news is that I happened upon this thread and subject and it
>matches exactly what I've been having problems with.  The bad news is
>that I also need help in dealing with the problem.  Please consider that
>there's one more person hoping to hear a solution to this.
Reply to this Message
Mike Schultz - 22 Jul 2004 18:41 GMT
frefacad

Thanks for your reply; it is heartening!  Can you indulge me a little
further and clarify exactly what a 'full status code' is and how I go
about determining where I can find it.
As I'm certain you have discovered, I'm a bit of a novice at this.
Gratefully,
Reply to this Message
Jim Cheshire [MSFT] - 22 Jul 2004 22:36 GMT
Hi Mike,

It will be in the IIS logs located in
c:\<windows_dir>\system32\logfiles\w3svc#.  If you just send me that log
file, I can tell you the status code.

Jim Cheshire [MSFT]
MCP+I, MCSE, MCSD, MCDBA
Microsoft Developer Support
jamesche@online.microsoft.com

This post is provided "AS-IS" with no warranties and confers no rights.

--------------------
>From:     Mike Schultz <aquafoil@comcast.net>
>References: <TBtlmEAcEHA.3848@cpmsftngxa06.phx.gbl>
[quoted text clipped - 9 lines]
>Lines: 1        
>Path:
cpmsftngxa06.phx.gbl!TK2MSFTNGXS01.phx.gbl!TK2MSFTNGXA05.phx.gbl!TK2MSFTNGP0
8.phx.gbl!tk2msftngp13.phx.gbl
>Xref: cpmsftngxa06.phx.gbl
microsoft.public.dotnet.framework.aspnet.security:10919
>X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
>
[quoted text clipped - 5 lines]
>As I'm certain you have discovered, I'm a bit of a novice at this.
>Gratefully,
Reply to this Message
Mike Schultz - 23 Jul 2004 02:14 GMT
frefacad

Jim:  Thanks for the information. I've included below the latest file in
C:\WINDOWS\system32\LogFiles\W3kSVC357097357\ex040722.log.   Once you've
determined the 'full status code', perhaps you can tell me how you
determined it, what is its significance, and what is to be done with the
information.   I very much appreciate the time you're taking for this.
Cheers,  Mike Schultz

#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2004-07-22 01:21:10
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port
cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status
2004-07-22 01:21:10 192.168.0.200 GET /scripts/root.exe /c+dir 80 -
68.32.113.86 - 401 1 64
2004-07-22 01:21:10 192.168.0.200 GET /MSADC/root.exe /c+dir 80 -
68.32.113.86 - 401 1 64
2004-07-22 01:21:10 192.168.0.200 GET /c/winnt/system32/cmd.exe /c+dir
80 - 68.32.113.86 - 401 1 64
2004-07-22 01:21:10 192.168.0.200 GET /d/winnt/system32/cmd.exe /c+dir
80 - 68.32.113.86 - 401 1 64
2004-07-22 01:21:10 192.168.0.200 GET
/scripts/..%5c../winnt/system32/cmd.exe /c+dir 80 - 68.32.113.86 - 401 1
64
2004-07-22 01:21:10 192.168.0.200 GET
/_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe /c+dir 80 -
68.32.113.86 - 401 1 64
2004-07-22 01:21:10 192.168.0.200 GET
/_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe /c+dir 80 -
68.32.113.86 - 401 1 64
2004-07-22 01:21:10 192.168.0.200 GET /scripts/winnt/system32/cmd.exe
/c+dir 80 - 68.32.113.86 - 401 1 64
2004-07-22 01:21:10 192.168.0.200 GET
/scripts/..../winnt/system32/cmd.exe /c+dir 80 - 68.32.113.86 - 401 1 64
2004-07-22 01:21:14 192.168.0.200 GET
/scripts/..../winnt/system32/cmd.exe /c+dir 80 - 68.32.113.86 - 401 1 64
2004-07-22 01:21:14 192.168.0.200 GET
/scripts/..%5c../winnt/system32/cmd.exe /c+dir 80 - 68.32.113.86 - 401 1
64
2004-07-22 01:21:14 192.168.0.200 GET
/scripts/..%2f../winnt/system32/cmd.exe /c+dir 80 - 68.32.113.86 - 401 1
64
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2004-07-22 11:16:03
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port
cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status
2004-07-22 11:16:03 192.168.0.200 GET /WebApp - 80 - 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:16:03 192.168.0.200 GET /WebApp - 80 - 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:16:03 192.168.0.200 GET /WebApp - 80
AQUAFOIL\Administrator 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
301 0 0
2004-07-22 11:16:03 192.168.0.200 GET /WebApp/ - 80
AQUAFOIL\Administrator 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
403 14 5
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2004-07-22 11:17:59
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port
cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status
2004-07-22 11:17:59 192.168.0.200 GET /WebApp - 80 - 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:17:59 192.168.0.200 GET /WebApp - 80 - 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:17:59 192.168.0.200 GET /WebApp - 80
AQUAFOIL\Administrator 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
301 0 0
2004-07-22 11:17:59 192.168.0.200 GET /WebApp/ - 80
AQUAFOIL\Administrator 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
403 14 5
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2004-07-22 11:19:51
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port
cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status
2004-07-22 11:19:51 192.168.0.200 GET /WebApp - 80 - 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:19:51 192.168.0.200 GET /WebApp - 80 - 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:19:51 192.168.0.200 GET /WebApp - 80
AQUAFOIL\Administrator 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
301 0 0
2004-07-22 11:19:51 192.168.0.200 GET /WebApp/ - 80
AQUAFOIL\Administrator 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
403 14 5
2004-07-22 11:20:13 192.168.0.200 GET
/WebApp/vs-60820186029650909_tmp.htm - 80 - 192.168.0.200
Microsoft-Visual-Studio.NET/7.10.3077 401 1 0
2004-07-22 11:20:13 192.168.0.200 GET
/WebApp/vs-60820186029650909_tmp.htm - 80 - 192.168.0.200
Microsoft-Visual-Studio.NET/7.10.3077 401 1 0
2004-07-22 11:20:13 192.168.0.200 GET
/WebApp/vs-60820186029650909_tmp.htm - 80 AQUAFOIL\Administrator
192.168.0.200 Microsoft-Visual-Studio.NET/7.10.3077 200 0 0
2004-07-22 11:20:13 192.168.0.200 GET /_vti_inf.html - 80
AQUAFOIL\Administrator 192.168.0.200
Mozilla/2.0+(compatible;+MS+FrontPage+4.0) 404 0 2
2004-07-22 11:20:13 192.168.0.200 POST
/WebApp/_vti_bin/shtml.exe/_vti_rpc - 80 - 192.168.0.200 MSFrontPage/4.0
401 1 0
2004-07-22 11:20:13 192.168.0.200 POST
/WebApp/_vti_bin/shtml.exe/_vti_rpc - 80 AQUAFOIL\Administrator
192.168.0.200 MSFrontPage/4.0 404 0 3
2004-07-22 11:20:13 192.168.0.200 GET /_vti_inf.html - 80
AQUAFOIL\Administrator 192.168.0.200
Mozilla/2.0+(compatible;+MS+FrontPage+4.0) 404 0 2
2004-07-22 11:20:13 192.168.0.200 POST /_vti_bin/shtml.exe/_vti_rpc - 80
AQUAFOIL\Administrator 192.168.0.200 MSFrontPage/4.0 404 0 3
2004-07-22 11:20:15 192.168.0.200 GET /WebApp/get_aspx_ver.aspx - 80
AQUAFOIL\Administrator 192.168.0.200
Microsoft-Visual-Studio.NET/7.10.3077 404 0 0
2004-07-22 11:23:12 192.168.0.200 GET /WebApp - 80 - 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:23:12 192.168.0.200 GET /WebApp - 80 - 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:23:12 192.168.0.200 GET /WebApp - 80
AQUAFOIL\Administrator 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
301 0 0
2004-07-22 11:23:12 192.168.0.200 GET /WebApp/WebForm1.aspx - 80
AQUAFOIL\Administrator 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
200 0 0
2004-07-22 11:23:35 192.168.0.200 GET /WebApp/ - 80 - 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:23:51 192.168.0.200 GET /WebApp/ - 80 - 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:23:51 192.168.0.200 GET /WebApp/WebForm1.aspx - 80
AQUAFOIL\Guest 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 3 0
2004-07-22 11:24:13 192.168.0.200 GET /WebApp/ - 80 - 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:24:13 192.168.0.200 GET /WebApp/WebForm1.aspx - 80
AQUAFOIL\Guest 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 3 0
2004-07-22 11:24:18 192.168.0.200 GET /WebApp/ - 80 - 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:24:18 192.168.0.200 GET /WebApp/WebForm1.aspx - 80
AQUAFOIL\Guest 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 3 0
2004-07-22 11:24:54 192.168.0.200 GET /WebApp - 80 - 192.168.0.20
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:24:54 192.168.0.200 GET /WebApp - 80 - 192.168.0.20
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:24:54 192.168.0.200 GET /WebApp - 80
AQUAFOIL\Administrator 192.168.0.20
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0;+.NET+CLR+1.1.4322)
301 0 0
2004-07-22 11:24:54 192.168.0.200 GET /WebApp/WebForm1.aspx - 80
AQUAFOIL\Administrator 192.168.0.20
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.0;+.NET+CLR+1.1.4322)
200 0 0
2004-07-22 11:32:30 192.168.0.200 GET /Acters - 80 - 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:32:30 192.168.0.200 GET /Acters - 80 - 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:32:30 192.168.0.200 GET /Acters - 80
AQUAFOIL\Administrator 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
404 0 2
2004-07-22 11:32:50 192.168.0.200 GET /WebApp - 80
AQUAFOIL\Administrator 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
301 0 0
2004-07-22 11:32:50 192.168.0.200 GET /WebApp/WebForm1.aspx - 80
AQUAFOIL\Administrator 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
200 0 0
2004-07-22 11:32:56 192.168.0.200 GET /WebDeploy - 80
AQUAFOIL\Administrator 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
404 0 2
2004-07-22 11:33:20 192.168.0.200 GET /Acters - 80 - 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:33:27 192.168.0.200 GET /Acters - 80 - 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:33:27 192.168.0.200 GET /Acters - 80 AQUAFOIL\Guest
192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
404 0 2
2004-07-22 11:36:06 192.168.0.200 GET /Acters - 80 - 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:36:20 192.168.0.200 GET /Acters - 80 - 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:36:20 192.168.0.200 GET /Acters - 80 AQUAFOIL\Guest
192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
404 0 2
2004-07-22 11:41:42 192.168.0.200 GET /Acters - 80 - 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:41:42 192.168.0.200 GET /Acters - 80 - 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:41:42 192.168.0.200 GET /Acters - 80
AQUAFOIL\Administrator 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
404 0 2
2004-07-22 11:45:04 192.168.0.200 GET /Acters - 80 - 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:45:11 192.168.0.200 GET /Acters - 80 - 192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
401 1 0
2004-07-22 11:45:11 192.168.0.200 GET /Acters - 80 AQUAFOIL\Guest
192.168.0.200
Mozilla/4.0+(compatible;+MSIE+6.0;+Windows+NT+5.2;+.NET+CLR+1.1.4322)
404 0 2
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2004-07-22 14:48:15
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port
cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status
2004-07-22 14:48:15 192.168.0.200 GET /scripts/root.exe /c+dir 80 -
68.175.181.239 - 401 1 64
2004-07-22 14:48:15 192.168.0.200 GET /MSADC/root.exe /c+dir 80 -
68.175.181.239 - 401 1 64
2004-07-22 14:48:15 192.168.0.200 GET /c/winnt/system32/cmd.exe /c+dir
80 - 68.175.181.239 - 401 1 64
2004-07-22 14:48:15 192.168.0.200 GET /d/winnt/system32/cmd.exe /c+dir
80 - 68.175.181.239 - 401 1 64
2004-07-22 14:48:15 192.168.0.200 GET
/scripts/..%5c../winnt/system32/cmd.exe /c+dir 80 - 68.175.181.239 - 401
1 64
2004-07-22 14:48:15 192.168.0.200 GET
/_vti_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe /c+dir 80 -
68.175.181.239 - 401 1 64
2004-07-22 14:48:15 192.168.0.200 GET
/_mem_bin/..%5c../..%5c../..%5c../winnt/system32/cmd.exe /c+dir 80 -
68.175.181.239 - 401 1 64
2004-07-22 14:48:15 192.168.0.200 GET /scripts/winnt/system32/cmd.exe
/c+dir 80 - 68.175.181.239 - 401 1 64
2004-07-22 14:48:16 192.168.0.200 GET
/scripts/..../winnt/system32/cmd.exe /c+dir 80 - 68.175.181.239 - 401 1
64
2004-07-22 14:48:16 192.168.0.200 GET
/scripts/..../winnt/system32/cmd.exe /c+dir 80 - 68.175.181.239 - 401 1
64
2004-07-22 14:48:19 192.168.0.200 GET
/scripts/..%5c../winnt/system32/cmd.exe /c+dir 80 - 68.175.181.239 - 401
1 64
2004-07-22 14:48:19 192.168.0.200 GET
/scripts/..%2f../winnt/system32/cmd.exe /c+dir 80 - 68.175.181.239 - 401
1 64
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2004-07-22 18:54:36
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port
cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status
2004-07-22 18:54:36 192.168.0.200 GET /default.ida
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucb
d3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00
=a 80 - 68.40.13.10 - 401 1 64
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2004-07-22 22:31:30
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port
cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status
2004-07-22 22:31:30 192.168.0.200 GET /default.ida
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXX%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucb
d3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00
=a 80 - 68.81.30.123 - 401 1 64
Reply to this Message
Jim Cheshire [MSFT] - 26 Jul 2004 17:08 GMT
Hi Mike,

You are getting a 401.1.  Look at this:

2004-07-22 14:48:15 192.168.0.200 GET /d/winnt/system32/cmd.exe /c+dir 80 -
68.175.181.239 - 401 1 64

Look at the end of the line, after the IP address.  You'll see this:

401 1 64

401.1 is what you're seeing.

Here's an article that outlines all of the IIS status codes.  You'll see
that 401.1 indicates logon failure, likely caused by the failure of the
account being used to execute cmd.exe:

http://support.microsoft.com/default.aspx?scid=KB;EN-US;318380

Jim Cheshire [MSFT]
MCP+I, MCSE, MCSD, MCDBA
Microsoft Developer Support
jamesche@online.microsoft.com

This post is provided "AS-IS" with no warranties and confers no rights.

--------------------
>From:     Mike Schultz <aquafoil@comcast.net>
>References: <MJYg9PDcEHA.3120@cpmsftngxa06.phx.gbl>
[quoted text clipped - 10 lines]
>Path: cpmsftngxa06.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP10.phx.gbl
>Xref: cpmsftngxa06.phx.gbl
microsoft.public.dotnet.framework.aspnet.security:10923
>X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security
>
[quoted text clipped - 298 lines]
>d3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00
>=a 80 - 68.81.30.123 - 401 1 64
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.