Getting an Error and not sure what it is...

This is the place to report bugs and get support. When posting in this forum, please always provide as much detail as possible.

Please do not report problems with a custom build or custom code in this forum. If you are producing your own build from the source code and have problems or questions, ask in the developer forum, do not report it as a bug.

This is the place to report bugs and get support

When posting in this forum, please try to provide as many relevant details as possible. Particularly the following:

  • What operating system were you running when the bug appeared?
  • What database platform is your site using?
  • What version of mojoPortal are you running?
  • What version of .NET do you use?
  • What steps are necessary to reproduce the issue? Compare expected results vs actual results.
Please do not report problems with a custom build or custom code in this forum. If you are producing your own build from the source code and have problems or questions, ask in the developer forum.
This thread is closed to new posts. You must sign in to post in the forums.
6/27/2011 6:46:50 PM
mschlaudraff
Gravatar
Total Posts 165
View Posts

Getting an Error and not sure what it is...

Hey Joe,

In the log for www.dsatallahassee.org I getting the following:

2011-06-27 13:12:34,741 ERROR mojoPortal.Web.Global - 172.16.11.245-en-US - /ScriptResource.axd- Referrer(none)
System.Web.HttpException (0x80004005): This is an invalid script resource request.
   at System.Web.Handlers.ScriptResourceHandler.Throw404()
   at System.Web.Handlers.ScriptResourceHandler.ProcessRequest(HttpContext context)
   at System.Web.Handlers.ScriptResourceHandler.System.Web.IHttpHandler.ProcessRequest(HttpContext context)
   at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

Full Log file

Please advise, I'm unable to locate information on this.

 

6/28/2011 6:02:31 AM
Joe Audette
Gravatar
Total Posts 18439
View Posts

Re: Getting an Error and not sure what it is...

That is most likely just things poking at your site, not something I would worry about. There was once a security issue in ASP.NET where they could figure out the machine key by the timing of certain errors, when I see these in my logs I'm pretty sure it is bots testing to see if your site has the patches or not. There was a similar way to exploit the same thing using viewstate errors and occasionally I see lots and lots of viewstate errors in rapid succession from the same ip address. When I see lots and lots of errors in a row from the same ip address I usually ban the ip address. But with the script error you posted I usually only see one or two in a row so I don't ban those.

Be careful also about banning based on viewstate errors as there are innocent reasons that error can occur if the user has a slow connection and clicks buttons before the page is fully loaded for example can cause a viewstate error, but when you see dozens of them in row with fractions of a second in their timing thats when I become convinced it is an attack. In both cases the issue was already fixed in ASP.NET so there is no danger of a successful attack.

Best,

Joe

You must sign in to post in the forums. This thread is closed to new posts.