real_illusions Posted May 8, 2006 Share Posted May 8, 2006 i have an error system set in place, that whenever a file or folder or whatever is attempted to load, it sends me an email detailing what the error was, where, when, what page or file, time, and i can tell if its a real person or a bot.and the bots are trying to access files that dont exist, or haven't existed for several months at least.is there anyway of making them search only the files that are on the server and not some that are out of date and dont exist?its mostly yahoo bots that trying to find the wrong pages which haven't been online for several months, and trying to contact yahoo is like trying to get a brick to recite the whole works of shakespeare in japanese.but anyway, its mostly unknown bots that are not finding weird files like this -/MSOffice/cltreq.asp?UL=1&ACT=4&BUILD=6551&STRMVER=4&CAPREQ=0any suggestions?? Link to comment Share on other sites More sharing options...
justsomeguy Posted May 8, 2006 Share Posted May 8, 2006 It sounds like you have links pointing to things that aren't there. The best way to clean that up is to find the links that point there and change them. If you aren't already, log the referrer and track down where the links are. Link to comment Share on other sites More sharing options...
real_illusions Posted May 8, 2006 Author Share Posted May 8, 2006 there is no referrer on the emails, that line is blanki rebuilt the site months ago from scratch, so, there is no links anywhere to these broken files within the site. Link to comment Share on other sites More sharing options...
justsomeguy Posted May 8, 2006 Share Posted May 8, 2006 That's kind of weird... I can't see some spider just randomly trying an address like "/MSOffice/cltreq.asp?UL=1&ACT=4&BUILD=6551&STRMVER=4&CAPREQ=0" without a link. If you took this site over, could it possible that those links were present in the past? One thing you could try doing is searching Google (or Yahoo) for that address, and see what pops up.OK, I did some searching, and I think I've figured it out. As you can see, the url is "/MSOffice/cltreq.asp". Something to do with MS Office. You may also see requests for owssvr.dll. At first I thought it might be a hack attempt, someone trying to exploit a FrontPage extension or something like that, so they ping the site to see if you have the extension installed (the NIMDA worm did something similar). What I think now (c.f. here) is that this is an IE toolbar, and if someone has the Office discussion toolbar installed, IE will send a request to the server looking for these files to see if your server supports the discussion. I've seen people with the toolbar installed, where it says the website doesn't support discussions, and I wonder how it knew that. This is how, it sends a request for the specific build and version of the software it has installed and see if it gets anything back. IE phishing for discussions. Link to comment Share on other sites More sharing options...
real_illusions Posted May 9, 2006 Author Share Posted May 9, 2006 so i guess its nothing to worry about too much then? Link to comment Share on other sites More sharing options...
justsomeguy Posted May 9, 2006 Share Posted May 9, 2006 Right, you can't stop it, and it's not harmful, so don't worry about it. Link to comment Share on other sites More sharing options...
real_illusions Posted May 10, 2006 Author Share Posted May 10, 2006 ok..coolthanks for your help:) Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now