tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stuart Stephen" <>
Subject RE: Security - Attack
Date Thu, 13 Jun 2002 08:43:20 GMT
I think they are code red attacks. These shouldn't be anything to worry
about on a Tomcat server if I am correct in my thinking. They only affect

-----Original Message-----
From: Laura []
Sent: 13 June 2002 09:35
To: Tomcat Users List
Subject: Security - Attack

Hi all,

well I have, in my opinion, a very interesting question.

Last week we went in a production enviroment: we have apache + tomcat with
an important web application xxx (http.conf has JkMount /xxx worker).

Well, this morning I have discovered that somebody has tried to attack my
server: in the Apache error log I have found calls as
/scripts/..%5c%5c../winnt/system32/cmd.exe, /scripts/....., and so on.

My question is: is Tomcat secure? How can I do Tomcat secure? Is all my
system secure? ( my machine is a solaris 8).



To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message