Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

_vti_bin and _vti_inf.html

Status
Not open for further replies.

SaltyDuke

Programmer
Sep 18, 2002
140
IE
greetings

just noticed people looking for the following files on my server:

_vti_bin
_vti_inf.html

clearly someone was trying to hack into the server. i don't know what they were playing at, but i thought i'd post this FYI to warn others. [pipe]
 
Hi mate,

Is that not something to do with the dreaded Frontpage?

I don't use it personally, but I recognise that from a clients site.

Hope this helps Wullie

sales@freshlookdesign.co.uk

The pessimist complains about the wind. The optimist expects it to change. The leader adjusts the sails. - John Maxwell
 
I think so too. //Daniel
 
I have the same problem - it comes from Frontpage - for sure.
But why? What have clients to do, that my Statistic Tool for my CMS shows me
reqs: file
----: ----
281: /_vti_bin/shtml.exe/_vti_rpc
281: /_vti_inf.html

is it dangerours or harmless?

Greetings
Kukla
 
Hi mate,

A properly configured HTTP POST request sent to shtml.exe can reveal the FrontPage Server Extensions version, the Web server software and version, the OS platform, the name of the anonymous Web user account, and the names of FrontPage Webs. Although this information itself isn't sensitive, an attacker might use it to facilitate other attacks.


Source:
Hope this helps Wullie

- Send your letter to santa!!

The pessimist complains about the wind. The optimist expects it to change. The leader adjusts the sails. - John Maxwell
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top