From: peter lin
To: Tomcat Users List
Date: Thu, 13 Jun 2002 08:31:43 -0400
Subject: Re: Security - Attack

Apache and Tomcat aren't vulnerable, but putting up a firewall to block the IP might be a good idea. For my own server I use Zone Alarm Pro, which will block IPs trying this exact type of exploit.

peter

Laura wrote:
>
> Hi all,
>
> Well, I have, in my opinion, a very interesting question.
>
> Last week we went into a production environment: we have apache + tomcat with an important web application xxx (http.conf has JkMount /xxx worker).
>
> Well, this morning I have discovered that somebody has tried to attack my server: in the Apache error log I have found calls such as /scripts/..%5c%5c../winnt/system32/cmd.exe, /scripts/....., and so on.
>
> My question is: is Tomcat secure? How can I make Tomcat secure? Is all my system secure? (my machine is a Solaris 8).
>
> Thanks
>
> Laura
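
The reply suggests blocking the probing IP at the firewall. As an added example (not part of the original thread), the Python below triages an Apache error log for the kind of request Laura quotes and lists the client addresses worth blocking. The log line layout, document root, client addresses, threshold and all function names are assumptions made for illustration.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Constructed sample in Apache error_log style. Client addresses are
# documentation ranges and /opt/apache/htdocs is an assumed document root.
SAMPLE_LOG = """\
[Thu Jun 13 03:12:01 2002] [error] [client 192.0.2.10] File does not exist: /opt/apache/htdocs/scripts/..%5c%5c../winnt/system32/cmd.exe
[Thu Jun 13 03:12:02 2002] [error] [client 192.0.2.10] File does not exist: /opt/apache/htdocs/scripts/..%5C%5C../WINNT/system32/CMD.EXE
[Thu Jun 13 03:15:40 2002] [error] [client 198.51.100.7] File does not exist: /opt/apache/htdocs/favicon.ico
[Thu Jun 13 03:20:11 2002] [error] [client 203.0.113.5] File does not exist: /opt/apache/htdocs/scripts/..%5c%5c../winnt/system32/cmd.exe
[Thu Jun 13 03:21:09 2002] [error] [client 198.51.100.7] File does not exist: /opt/apache/htdocs/images/logo.gif
"""

# Assumed layout: "[client <ip>] File does not exist: <path>"
LINE_RE = re.compile(r"\[client (?P<ip>[0-9a-fA-F:.]+)\] File does not exist: (?P<path>\S+)")

def normalize(path, max_rounds=3):
    """Percent-decode (bounded, to cover nested encoding), unify separators, lowercase."""
    for _ in range(max_rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return re.sub(r"/+", "/", path.replace("\\", "/")).lower()

def is_windows_probe(path):
    # Directory traversal aimed at a Windows system directory or cmd.exe:
    # nothing a Solaris host serves, so it is scanner noise rather than user error.
    p = normalize(path)
    return "../" in p and ("/winnt/" in p or p.endswith("cmd.exe"))

def probes_by_client(log_text):
    hits = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m and is_windows_probe(m.group("path")):
            hits[m.group("ip")] += 1
    return hits

def block_candidates(log_text, threshold=2):
    """Clients with at least `threshold` probe requests (threshold is an assumption)."""
    return sorted(ip for ip, n in probes_by_client(log_text).items() if n >= threshold)

if __name__ == "__main__":
    print(probes_by_client(SAMPLE_LOG))
    print(block_candidates(SAMPLE_LOG))
```

Ordinary 404s such as a missing favicon are not counted, so the resulting list can feed a firewall deny rule without catching regular visitors.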