MICROSOFT

[John Kelly]

WOULD THE PRAT AT MICROSOFT PLEASE STOP TRYING TO GAIN ACCESS TO MY WEBSITE

Host: 207.46.238.133 Url:
/_vti_bin/owssvr.dll?UL=1&ACT=4&BUILD=5606&STRMVER=4&CAPREQ=0
<http://www.the-kellys.org/_vti_bin/owssvr.dll?UL=1&ACT=4&BUILD=5606&STRMVER=4&CAPREQ=0>
Http Code : 403 Date: Jun 02 17:59:27 Http Version: HTTP/1.0" Size in Bytes:
1745 Referer: <-> Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;
DVD Owner; .NET CLR 1.0.3705; .NET CLR 1.2.21213; .NET CLR 1.1.4322; .NET
CLR 2.0.31113)

YOU ARE NOT WELCOME THERE.

--
Best Wishes.....John Kelly
www.the-kellys.org
www.the-kellys.co.uk
All material gained from other sources is duly acknowledged. No Value is
obtained by publishing in any format other peoples work

 

[Jack]

Oh my! Someone using MSN as an ISP trying to access your website. Sic one
of your lackey's on them!

Jack

 

[Galan Bridgman [MVP-Digital Media]]

John,

All this means is that someone with Office 2003 installed, and with the
Discussion toolbar turned on in IE visited your site. Try it (if you have
the aforementioned software) yourself on your own site and then check your
logs. (The Discusssion toolbar is enabled by the yellow notepad icon in
IE.)

This isn't a hack attempt, it's just a protocol for enabling discussions.
(See:
http://msdn.microsoft.com/library/d...n-us/spptsdk/html/tsrpcmCltreq_SV01108170.asp)
In your case, it was a query to see if your website supports discussions.
(Action 4.) It's also in use now by Windows Sharepoint Services in Windows
Server 2003. No biggie.

-- Galan

Microsoft MVP - Windows XP Digital Media

 

[Jack]

No dx2. Bill Gates is only helping the CIA look into his website. They
are suspicious of the many disguises he uses to reply to himself. Indeed
it is strange. His jolly followers are not doubt scambling to cover up
the evidence even as we speak.

Jack

 

[John Kelly]

Hello there,

Thank you for that...interesting. It always happens as a rule immediately
prior to one of the MVP's having a laugh about not being able to gain
access to the web site, they post one of their child like comments (There
are plenty to see). You can then see why I assumed it was another of those
attempts. Thank you for the polite way (Something quite uncommon in here)
of passing on that info.

--
Best Wishes.....John Kelly
www.the-kellys.org
www.the-kellys.co.uk
All material gained from other sources is duly acknowledged. No Value is
obtained by publishing in any format other peoples work

 

[John Eddy [MSFT]]

Hello there,

Thank you for that...interesting. It always happens as a rule immediately
prior to one of the MVP's having a laugh about not being able to gain
access to the web site, they post one of their child like comments (There
are plenty to see). You can then see why I assumed it was another of those
attempts. Thank you for the polite way (Something quite uncommon in here)
of passing on that info.

John,

Just a little further information, if you would like to report any suspected
hacking attempt originating from a Microsoft address, we have the
(e-mail address removed) address set up for things such as this.

John Eddy
Microsoft Newsgroups Administrator

 

[John Kelly]

Hello again,

Well, you can call it a coincidence if you like, since the stupid messages
have stopped (just after I posted my first on this) so have all of the
attempts to gain access. We have gone from several attempts a day for quite
a while to None at all. Speaks volumes to me.

 

[Dana Cline - MVP]

Well, you can call it a coincidence if you like, since the stupid messages

have stopped (just after I posted my first on this) so have all of the
attempts to gain access. We have gone from several attempts a day for quite
a while to None at all. Speaks volumes to me.

If you mean all that stuff originating from shaw.cable.ca a while back,
maybe it helped that I reported a bunch of them to Shaw Cable Company and
they said they'd take action...

Dana Cline - MVP

 

[John Kelly]

Hello Dana,

I have had several days worth of port probes (Sometimes as high as 5 port
probes a second) running on for hours at a time (This against my firewall
not the web site) The logs that I sent to my ISP were so long I had to
break the message up into smaller messages (They do not accept file
attachments) There were about 6 IP address's in those logs, some from
England but most from Shaw cable. It went on for several days after I
complained but they stopped too.

Unfortunately this message thread, started by me, was aimed at certain
people connected with Microsoft, and as my previous message says, there
have been no further attempts at getting into my web site. As you probably
know, there is nothing there that would interest Microsoft anyway.....