IIS 5 re-start?

[bob332]

sometimes i will notice my site is not up, so i will restart iis and then all is well. what could be causing this? iis 5, latest patches, win2k server, plenty of cpu, ram and hdd. please don't let this go into a linux/apache vs. win2k server/iis5 flame.

 

[n0cmonkey]

Anything in the logs? Check disk come out ok? Maybe your ram is bad. The hardware you mention doesnt say much for that machine 😉

And I think you should be using OpenBSD + Zeus. Forget IIS and Win2k and Apache and Linux 😀

 

[mattbta]

How long ago did you install Server/IIS? Could be a bad (corrupt) install from the get go.

 

[bob332]

the hardware is as follows:
abit kt7-raid m/b
athlon 750MHz
256MB Ram
30GB Hdd
3com nic
3dfx Voodoo 3000 AGP

this is a new problem, it had been running fine for about 2 weeks. logs say that the iis server terminated unexpectantly and it has done this 2 time before, but that is it.

come to think of it, this problem only started after the last m$ security update a couple of days ago...

 

[mattbta]

Well, I bet I would have had that problem too, except I couldn't even boot into my server after I installed that security rollup....kept getting an error that lsass.exe has terminated unexpectedly with error 1073741819. Had to boot into safe mode and uninstall the update. Might uninstall that update yourself and see if that fixes things. I believe the security rollup was just a repackaging of previous patches and a couple of new ones.

 

[n0cmonkey]

<< Well, I bet I would have had that problem too, except I couldn't even boot into my server after I installed that security rollup....kept getting an error that lsass.exe has terminated unexpectedly with error 1073741819. Had to boot into safe mode and uninstall the update. Might uninstall that update yourself and see if that fixes things. I believe the security rollup was just a repackaging of previous patches and a couple of new ones. >>



If that solves the problem you may want to reevaluate your server solution...

 

[Thor86]

Make sure you have the latest motherboard drivers installed, and if your nic card is set to not power down in power saving mode.

 

[n0cmonkey]

<< Make sure you have the latest motherboard drivers installed, and if your nic card is set to not power down in power saving mode. >>



I thought win2k server wouldnt put itself into power saving mode.

 

[bob332]

m/b has latest bios and the only power saving is the monitor shuts off, all others stay on

 

[mattbta]

<< If that solves the problem you may want to reevaluate your server solution... >>



Heh....I'm downloading the eval of Netware 6.

I knew you would say something like that! <grin> 🙂

 

[n0cmonkey]

<<

<< If that solves the problem you may want to reevaluate your server solution... >>



Heh....I'm downloading the eval of Netware 6.

I knew you would say something like that! <grin> 🙂 >>



This wasnt just a random dig on Microsoft. Security is a HUGE concern. I would say the same thing about OpenBSD if a security fix broke apache or sendmail. That is just rediculous. Of course, this is my opinion. 🙂

 

[bob332]

what do you all think of running apache 1.3.23 on a win2k pro install? this win2k server is becoming a pain in the a$$!!! i am also d/l redhat and mandrake linux. i have never run linux, but would be willing to give it a try if it would be stable and secure.

 

[mattbta]

Bob, if you search the MS site for an app called IIS secure or IIS lockdown, that will successfully stop all the hack attempts and keeps malformed URL's out.

I don't know about you, but I use ASP, PHP and PERL on my sites. With apache on my win2k server, I couldn't ever get perl to map correctly. PHP was just fine tho. As well- if you use win2k pro, only 10 people can connect to your server at a time. I believe this holds true with apache being on there too.

Keep in mind, each OS/server is only as secure as YOU make it. Most people don't take the time to make the windows totally secure or don't know how, so the script kiddies go after those boxes more.

 

[bob332]

i have iis lockdown installed and also the url scanner, the most up to date patches and have read 3-4 books on how to secure the server. i am not saying that it is totally secure, but it is pretty secure, more so than if nothing had been done to it.

 

[mattbta]

Good deal. Then why switch??

Have you uninstalled that security roll up to see if it stops stopping your server? I know that the rollup was the source of my troubles.

Good luck.

 

[bob332]

the last update i did was the ie6 security patch, and according to m$, you can't uninstall it. the rollout didn't give me any problems 🙁