Path 'CONNECT' is forbidden ??

G

Guest

Hi everyone,

Every now and then I'm receiving the error posted below. I"m routing all my
traffic through mod_proxy (apache) to my asp.net 2.0 (w2k3) machine. I can't
reproduce this error and my site appears fine through my browser. I'm
wondering if it is a search bot that is making these requests. Anyways, I
can't find anything on google about this particular message. Any ideas
greatly appreciated!!

--------------------
Event code: 3005
Event message: An unhandled exception has occurred.
Event time: 7/24/2007 9:14:37 AM
Event time (UTC): 7/24/2007 4:14:37 PM
Event ID: 1f45b2bb691b4d1da5bbde747ea34d1a
Event sequence: 4828
Event occurrence: 5
Event detail code: 0

Application information:
Application domain: /LM/W3SVC/193669135/Root-1-128297109723670367
Trust level: Full
Application Virtual Path: /
Application Path: C:\Inetpub\wwwroot\InnsOf\
Machine name: APPLE

Process information:
Process ID: 4608
Process name: w3wp.exe
Account name: NT AUTHORITY\NETWORK SERVICE

Exception information:
Exception type: HttpException
Exception message: Path 'CONNECT' is forbidden.

Request information:
Request URL: http://216-55-149-22.dedicated.abac.net/
Request path: /
User host address: 216.55.149.22
User:
Is authenticated: False
Authentication Type:
Thread account name: NT AUTHORITY\NETWORK SERVICE

Thread information:
Thread ID: 9
Thread account name: NT AUTHORITY\NETWORK SERVICE
Is impersonating: False
Stack trace: at
System.Web.HttpMethodNotAllowedHandler.ProcessRequest(HttpContext context)
at
System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean&
completedSynchronously)


Custom event details:

For more information, see Help and Support Center at
http://go.microsoft.com/fwlink/events.asp.
-------------------------
 
G

Guest

Well...to possibly answer my question, I did find some information that said
that apache supports a connect verb, mainly used as a (http tunnelling) hack
to try and send SPAM. Hopefully it is just random spamming attempts.
Incidentally, IIS6 doesn't support the 'CONNECT' protocol - and so is not
vulnerable to this.

Just lifted from another page, no idea if it is actually true.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,828
Messages
2,569,736
Members
45,518
Latest member
vlonesshirt

Latest Threads

Top