tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ralph Einfeldt" <ralph.einfe...@uptime-isc.de>
Subject AW: Security - Attack
Date Thu, 13 Jun 2002 13:22:13 GMT
I wouldn't say that they do no harm:

- They mess up your statistics
  If you don't change your configuration it's not
  possible to distinguish the 404 from the viruses
  from others that might indicated errors in your 
  site. (I always get nervous if a server has a
  'file not found' count > 0)
- They (sometimes) kill your log file space
  In high noon of nimda and code red, those viruses
  produced serveral megabytes on logfiles for each 
  site we are hosting.
  So it makes some sense to change the configuration 
  for apache.

> -----Urspr√ľngliche Nachricht-----
> Von: Tim Funk [mailto:funkman@joedog.org]
> Gesendet: Donnerstag, 13. Juni 2002 15:04
> An: Tomcat Users List
> Betreff: Re: Security - Attack
> 
> 
> Warning: this may start flame war - but its my opinion.
> 
> What is the purpose of detecting and trying to prevent these 
> attacks? If 
> someone code reds (or similar) you - they get a 404 error. 
> Why waste the 
> extra processing power and  extra config maintenance on 
> something that 
> does "no harm". When the next type of attack comes out - should the 
> config be changed to address that? Its a waste of time.
> 
> -Tim
> 
> Jim Urban wrote:
> >>create a bunch of mod_rewrite filters (in httpd.conf - for 
> Apache) that
> > 
> > redirects
> > 
> >>all those requests to www.microsoft.com
> > 
> > Can you provide an example?
> > 
> > Jim
> > 
> 
> 
> --
> To unsubscribe, e-mail:   
> <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail: 
> <mailto:tomcat-user-help@jakarta.apache.org>
> 
> 
> 

--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message