tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Laura" <>
Subject Security - Attack
Date Thu, 13 Jun 2002 08:35:19 GMT
Hi all,

well I have, in my opinion, a very interesting question.

Last week we went in a production enviroment: we have apache + tomcat with an important web
application xxx (http.conf has JkMount /xxx worker).

Well, this morning I have discovered that somebody has tried to attack my server: in the Apache
error log I have found calls as /scripts/..%5c%5c../winnt/system32/cmd.exe, /scripts/.....,
and so on.

My question is: is Tomcat secure? How can I do Tomcat secure? Is all my system secure? ( my
machine is a solaris 8).



  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message