tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From peter lin <peter....@labs.gte.com>
Subject Re: Security - Attack
Date Thu, 13 Jun 2002 13:40:24 GMT

Everyone has their preference, but the reason I do it is because of
maintenance. I can think of other reasons why a person may want to
filter the traffic.

1. keep weblog clean
2. reduce bandwidth usage

There are lots of ways to filter out the stuff for weblog analysis, so
writing a filter isn't necessarily easier or better. On the other hand,
if you're connection has a cap, then writing a filter will save your
bandwidth. Most production sites don't have bandwidth caps, but with
enough nimda requests, it can slow down the site performance.

everyone has different requirements, so use your own judgement as to
what makes the most sense technically and financially :)

peter


Tim Funk wrote:
> 
> Warning: this may start flame war - but its my opinion.
> 
> What is the purpose of detecting and trying to prevent these attacks? If
> someone code reds (or similar) you - they get a 404 error. Why waste the
> extra processing power and  extra config maintenance on something that
> does "no harm". When the next type of attack comes out - should the
> config be changed to address that? Its a waste of time.
> 
> -Tim
> 
> Jim Urban wrote:
> >>create a bunch of mod_rewrite filters (in httpd.conf - for Apache) that
> >
> > redirects
> >
> >>all those requests to www.microsoft.com
> >
> > Can you provide an example?
> >
> > Jim
> >
> 
> --
> To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>

--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message