This seems like a phishing attack, and it's a disclosure vulnerability to send 404 response in this case. Unfortunately that's just what IIS does.
I would rather these guys not even know my server existed.
Edit: Of course, once a TCP connection has already been established, they know something is on that port. It might be nice if they didn't know it was IIS on the other side
I'm trying to monitor total CPU usage on a Win2k8 R2 server using Performance Monitor.
I'm running in HyperV VM on a 12-core system but only a single hyper-threaded core is allocated to this image (so two CPUs from the OS perspective).
I'm looking at the 'Report' view of Current Activity, with a report showing the following data points:
Processor(_Total)\%Idle Time
Processor(_Total)\%Processor Time
Processor(_Total)\'%Processor Time' regularly jumps up to values between 15% - 30% and then falls back to '---' and then to '0.000', even when the server is apparently idle.
Processor(_Total)\'% Idle Time' however remains at or near 100.00 most of the time the '%Processor Time' values are jumping around, but will drop below 100 if I do something that I know is producing load like running some SQL queries.
This had lead me to believe that '% Idle Time' is a more "reliable" measure of true CPU load than the "%Processor Time", but after much searching I can't figure out why this would be the case?
Now what's really freaky is if I add 'Processor Information(0,_Total)\%Idle Time' into the same report, the 'Processor(_Total)\%Processor Time' and 'Processor(_Total)\%Idle Time' all of a sudden start showing consistent and believable data, while the 'Processor Information(0,_Total)\%Idle Time' value jumps around in strange ways and even shows values > 100%.
Sorry for the long-winded question... this is really strange behavior, has anyone seen it before?