Sam it is win 2000 server SP3 with the MSauto update, we verify it last hotfix is q323172 (from last week) It is old old server. (400 Mh with 256 meg ram....and 20gig ) In production for more than 3 years, without any software modification. last september after the Nimda we upgarded it from NT4 to w2000.
IIS5 (without index server) and norton AV are the only working app's User Mail and IE are disabled test SQL 7 was running there but we remobed it as part of this problem Tank Beny ----- Original Message ----- From: "Sam Thompson" <[EMAIL PROTECTED]> To: "ActiveServerPages" <[EMAIL PROTECTED]> Sent: Wednesday, September 04, 2002 11:13 AM Subject: Re: IIS bug with <pre> CRLF</pre> or am I carazy???? > Ben, whats the spec of the server in question, have you got all the latest > patches and service packs? > > Cheers > Sam Thompson > ---------------------------------------------- > 2cs Communications Ltd > http://www.2cs.com > [EMAIL PROTECTED] > T: 01473 622263 > F: 01473 622515 > ----------------------------------------------- > ----- Original Message ----- > From: "Ben Jacob" <[EMAIL PROTECTED]> > To: "ActiveServerPages" <[EMAIL PROTECTED]> > Sent: Wednesday, September 04, 2002 1:06 AM > Subject: Re: IIS bug with <pre> CRLF</pre> or am I carazy???? > > > > We allready test with the crlf on a test server nothing happend > > on production server (where we can not do too much testing ) > > > > 1. original code - after few hours the srver go down > > 2. the page modify ro exclude vb code (the page was a asp with allot of > > code) but with the CRLF- the server go down > > 3. The orignal code without the CRLF - the server stay up, it is working > > like that since Monday > > 4. on test server the original code work without any problrm > > > > so for my prespective a bunch of CRLF's do take the server down (or I am > > crazy...)\ > > and we will check for crlf on entry forms > > > > what do u know > > > > thank > > > > beny > > ----- Original Message ----- > > From: "Ben Timby" <[EMAIL PROTECTED]> > > To: "ActiveServerPages" <[EMAIL PROTECTED]> > > Sent: Tuesday, September 03, 2002 9:21 PM > > Subject: RE: IIS bug with <pre> CRLF</pre> or am I carazy???? > > > > > > > > > > -----BEGIN PGP SIGNED MESSAGE----- > > > Hash: SHA1 > > > > > > Ben, I am sorry, I just don't buy it. I would imagine that there has > > > to be something else wrong w/ the app other than a bunch of CRLF's in > > > the page. I would wait until you can do some testing before I would > > > point any fingers. I guess stranger stuff has happened, but I would > > > base my conclusion on hard facts, and not speculation. > > > > > > Ben Timby > > > Webexcellence > > > PH: 317.423.3548 x23 > > > TF: 800.808.6332 x23 > > > FX: 317.423.8735 > > > [EMAIL PROTECTED] > > > www.webexc.com > > > > > > - -----Original Message----- > > > From: Ben Jacob [mailto:[EMAIL PROTECTED]] > > > Sent: Tuesday, September 03, 2002 6:40 AM > > > To: ActiveServerPages > > > Subject: Re: IIS bug with <pre> CRLF</pre> or am I carazy???? > > > > > > > > > > > > no the prograner just hit the [enter] key, when u look on HEX u see > > > 0d10 0d10 for two blocks > > > we found that ot was working like that for almost a year, but this > > > page will > > > take the server down > > > theb only change we can think of was sp3 ? > > > > > > beny > > > - ----- Original Message ----- > > > From: "Sam Thompson" <[EMAIL PROTECTED]> > > > To: "ActiveServerPages" <[EMAIL PROTECTED]> > > > Sent: Monday, September 02, 2002 10:36 AM > > > Subject: Re: IIS bug with <pre> CRLF</pre> or am I carazy???? > > > > > > > > > > what did the code look like? > > > > > > > > <pre><%=CrLf%></pre> ? > > > > > > > > Sam Thompson > > > > ---------------------------------------------- > > > > 2cs Communications Ltd > > > > http://www.2cs.com > > > > [EMAIL PROTECTED] > > > > T: 01473 622263 > > > > F: 01473 622515 > > > > ----------------------------------------------- > > > > ----- Original Message ----- > > > > From: "Ben Jacob" <[EMAIL PROTECTED]> > > > > To: "ActiveServerPages" <[EMAIL PROTECTED]> > > > > Sent: Saturday, August 31, 2002 11:46 PM > > > > Subject: IIS bug with <pre> CRLF</pre> or am I carazy???? > > > > > > > > > > > > > Here is a weird story/IIs bug. For 4 days production server was > > > > > down, > > > > every > > > > > thing look normal, no error on the log but the sites were > > > > > behaving like under an external attack. It toke to serve a asp > > > > > page up to 5 minutes > > > and > > > > if > > > > > we did not shut down the IIS after few hours the server become > > > > unaccessible > > > > > and require power hard boot. We look every where found nothing (I > > > > > was > > > sure > > > > > it is a virus or Trojan). By try and error we identified one site > > > > > that cause the problem (there are more than 30 sites there). > > > > > > > > > > Make the long story short we found a asp file with <pre></pre> > > > > > with 480 CRLF in between. Don't ask me why the html programmer > > > > > did it, I do not > > > > care, > > > > > but if it is true it means that a simple html code can take down > > > > > a > > > server > > > > > (even a user on a forum / form that allow to post text with html > > > > > tags) > > > > > > > > > > Can some one test it? For some internal problems we will not have > > > > > access > > > > to > > > > > test server till Tuesday. And I am not daring to try it on > > > > > production > > > one > > > > > more time. > > > > > > > > > > I am not even sure it is the problem. All we know is that the > > > > > site with > > > > this > > > > > asp file was causing the problem and I can not take them down one > > > > > more > > > > time. > > > > > > > > > > > > > > > > > > > > thank > > > > > > > > > > Beny > > > > > > > > > > > > > > > > > > > > --- > > > > > You are currently subscribed to activeserverpages as: [EMAIL PROTECTED] > > > > > To unsubscribe send a blank email to > > > > %%email.unsub%% > > > > > > > > > > > > > > > > > --- > > > > You are currently subscribed to activeserverpages as: > > > > [EMAIL PROTECTED] To unsubscribe send a blank email to > > > %%email.unsub%% > > > > > > > > > > > > > > > > > > > > > > - --- > > > You are currently subscribed to activeserverpages as: [EMAIL PROTECTED] > > > To unsubscribe send a blank email to > > > %%email.unsub%% > > > > > > -----BEGIN PGP SIGNATURE----- > > > Version: PGP 7.0.4 > > > > > > iQA/AwUBPXULrPnby1cCm2Q8EQJHeQCfcf95lgqK4gjYwxAj1FUaeaYc1KcAn0pZ > > > 6jRnW2yKNlJM+xGUx/m4HIYa > > > =RiZU > > > -----END PGP SIGNATURE----- > > > > > > > > > > > > --- > > > You are currently subscribed to activeserverpages as: [EMAIL PROTECTED] > > > To unsubscribe send a blank email to > > %%email.unsub%% > > > > > > > > > --- > > You are currently subscribed to activeserverpages as: [EMAIL PROTECTED] > > To unsubscribe send a blank email to > %%email.unsub%% > > > > > --- > You are currently subscribed to activeserverpages as: [EMAIL PROTECTED] > To unsubscribe send a blank email to %%email.unsub%% > --- You are currently subscribed to activeserverpages as: [email protected] To unsubscribe send a blank email to [EMAIL PROTECTED]
