.NET follies
2004-06-17 23:29:06.071943+00 by
Dan Lyke
3 comments
Nerd alert: Skip this unless you think a pocket protector is the height of style on those rare days when you actually wear a shirt with a pocket...
Argh. Spent a bit of the afternoon with a coworker digging through SOAP calls as displayed by Ethereal and contrasting that to what came out of logging at other levels in the monstrosity that is IIS and notYET and who knows what else.
Unfortunately, the symptoms we're seeing are way too freakin' weird to even bother trying to describe here. It's like a web services call from a specific machine is attempting to log in a user on the server, which is creating printers from one domain on the server of another domain. Needless to say, we are all massively confused.
[ related topics:
Dan's Life Microsoft
]
comments in ascending chronological order (reverse):
#Comment Re: made: 2004-06-18 10:34:02.749958+00 by:
meuon
I like Sniffit as well as it dumps out nice files with the raw data, and has good filters for selecting IP address and protocols. The "-I" mode is just plain handy for network troubleshooting and such. Not as useful for your application, but NTOP Rocks! as a whole network sniffer and analyzer.
#Comment Re: made: 2004-06-18 16:58:14.971513+00 by:
Dan Lyke
Apparently the SOAP dispatcher is attempting to load printers based on the machine name (without domain name or any authentication) from a previous VPN login to that server.
Can you say "potential for DOS attacks?" I thought you could. Just send a SOAP message to a "web services" server with the name of another machine on their network, watch it thrash while it configures the printer. Bonus points if the printer is no longer accessible from the server's network.
#Comment Re: made: 2004-06-23 19:58:25.065403+00 by:
Dan Lyke
Whoops. Take it back, that was actually a side effect of something else (which it shouldn't have been, but we'll leave that particular decision for now).
Of course we're still flummoxed.