Return-Path: 
 <tomcat-user-return-1612-qmlist-jakarta-archive-tomcat-user=jakarta.apache.org@jakarta.apache.org>
Delivered-To: apmail-jakarta-tomcat-user-archive@apache.org
Received: (qmail 99736 invoked from network); 9 Nov 2001 18:57:24 -0000
Received: from unknown (HELO nagoya.betaversion.org) (192.18.49.131)
  by daedalus.apache.org with SMTP; 9 Nov 2001 18:57:24 -0000
Received: (qmail 1957 invoked by uid 97); 9 Nov 2001 18:51:08 -0000
Delivered-To: qmlist-jakarta-archive-tomcat-user@jakarta.apache.org
Received: (qmail 1712 invoked by uid 97); 9 Nov 2001 18:51:01 -0000
Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm
Precedence: bulk
List-Unsubscribe: <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
List-Subscribe: <mailto:tomcat-user-subscribe@jakarta.apache.org>
List-Help: <mailto:tomcat-user-help@jakarta.apache.org>
List-Post: <mailto:tomcat-user@jakarta.apache.org>
List-Id: "Tomcat Users List" <tomcat-user.jakarta.apache.org>
Reply-To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
Delivered-To: mailing list tomcat-user@jakarta.apache.org
Received: (qmail 1589 invoked from network); 9 Nov 2001 18:50:57 -0000
content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Subject: Hackers shutting down your Tomcat 4.x server?
x-mimeole: Produced By Microsoft Exchange V6.0.4417.0
Date: Fri, 9 Nov 2001 12:49:23 -0600
Message-ID: <4A3CA90041A6514091BC65796AFF469B2FD8BC@EXCH2K.softswitch.com>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: I give up!
Thread-Index: AcFpTT0gvscKmC/QSdihwjebe9Pr8wAAWH+A
From: "John Freeborg" <jfreeborg@softswitch.com>
To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N

As I was reading through the server.xml config documentation I noticed
that the shutdown attribute of the server element is described as:

      The command string that must be received via a
      TCP/IP connection to the specified port number
      in order to shut down Tomcat.

      <Server port=3D"8005" shutdown=3D"SHUTDOWN" debug=3D"99">

Am I correct in assuming that this would be a great thing to change if
you have a server out in the wild? (and perhaps the port also)

Other than a firewall blocking traffic to this port, what would prevent
some random hacker from connecting to port 8005 and shutting down my
server?

Thanks,
 - John

--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>