« Previous Next »

• 09-05-2008, 2:24 PM

  jeremyn11 Joined on 01-24-2004, 8:45 PM Posts 1

  URLScan Recycle Reply Contact  In our URLScan logs we get the following quite a bit - - - - - - - - - - - - - - - - - - - - - - - - #Software: Microsoft UrlScan 3.0 #Version: 1.0 #Date: 2008-09-04 01:01:20 - - - - - - - - - - - - - - - - - - - - - - - - Does anyone know if this means that UrlScan is recycling and we have a period of time where something like an SQL injection (if you setup the filters of course) can get through?  Respectfully,  -Jeremy

  Tags: securityIIS 6.0security risksUrlScanURlScan SQL Injection

• 09-05-2008, 3:18 PM

  In reply to

  naziml Joined on 03-10-2008, 6:25 PM Posts 41	Re: URLScan Recycle Reply Contact We will insert the header in the log everytime you make changes to your urlscan configuration and save it. If there are errors with the changes you have made to config, this header will also contain warnings.

• 09-05-2008, 6:34 PM

  In reply to

  wadeh Joined on 04-19-2005, 10:17 PM Posts 112

  Re: URLScan Recycle Reply Contact We will write the log headers every time UrlScan is initialized and every time that the configuration changes. UrlScan is loaded when the IIS worker process initializes, before any request is processed.  And it is unloaded when the worker process shuts down, after the last request is done.  There is no window of time where a request could be processed without UrlScan. If you are seeing multiple log headers per day and are not changing the configuration, then it means that your worker process is recycling.  This is a normal part of IIS operation and is nothing to worry about. Thanks, -Wade