tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Cato, Christopher" <cc...@rational.com>
Subject RE: Security - Attack
Date Thu, 13 Jun 2002 13:53:07 GMT
Basically do one of these:

1) ignore the code red lines
2) read up on mod_rewrite and write a couple of filters. documentation is at
the www.apache.org site

> -----Original Message-----
> From: Laura [mailto:lauradiara@libero.it]
> Sent: den 13 juni 2002 15:35
> To: Tomcat Users List
> Subject: Re: Security - Attack
> 
> 
> Hi all,
> 
> thanks for your help. What do you suggest me to do?
> 
> Whe you say :"So it makes some sense to change the configuration
> for apache", what do you mean?
> 
> Laura
> 
> 
> 
> ----- Original Message -----
> From: "Ralph Einfeldt" <ralph.einfeldt@uptime-isc.de>
> To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
> Sent: Thursday, June 13, 2002 3:22 PM
> Subject: AW: Security - Attack
> 
> 
> I wouldn't say that they do no harm:
> 
> - They mess up your statistics
>   If you don't change your configuration it's not
>   possible to distinguish the 404 from the viruses
>   from others that might indicated errors in your
>   site. (I always get nervous if a server has a
>   'file not found' count > 0)
> - They (sometimes) kill your log file space
>   In high noon of nimda and code red, those viruses
>   produced serveral megabytes on logfiles for each
>   site we are hosting.
>   So it makes some sense to change the configuration
>   for apache.
> 
> > -----Urspr√ľngliche Nachricht-----
> > Von: Tim Funk [mailto:funkman@joedog.org]
> > Gesendet: Donnerstag, 13. Juni 2002 15:04
> > An: Tomcat Users List
> > Betreff: Re: Security - Attack
> >
> >
> > Warning: this may start flame war - but its my opinion.
> >
> > What is the purpose of detecting and trying to prevent these
> > attacks? If
> > someone code reds (or similar) you - they get a 404 error.
> > Why waste the
> > extra processing power and  extra config maintenance on
> > something that
> > does "no harm". When the next type of attack comes out - should the
> > config be changed to address that? Its a waste of time.
> >
> > -Tim
> >
> > Jim Urban wrote:
> > >>create a bunch of mod_rewrite filters (in httpd.conf - for
> > Apache) that
> > >
> > > redirects
> > >
> > >>all those requests to www.microsoft.com
> > >
> > > Can you provide an example?
> > >
> > > Jim
> > >
> >
> >
> > --
> > To unsubscribe, e-mail:
> > <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> > For additional commands, e-mail:
> > <mailto:tomcat-user-help@jakarta.apache.org>
> >
> >
> >
> 
> --
> To unsubscribe, e-mail:
> <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail:
> <mailto:tomcat-user-help@jakarta.apache.org>
> 
> 
> 
> --
> To unsubscribe, e-mail:   
> <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail: 
> <mailto:tomcat-user-help@jakarta.apache.org>
> 

--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message