tomcat-users mailing list archives

From Markus Schönhaber
Subject Re: Is Tomcat being hacked by curl ?
Date Thu, 23 Aug 2007 08:33:06 GMT
Lyallex wrote:

> This question concerns access to a running Tomcat instance by a
> previously unseen/unknown user agent.

> Is it a 'Tomcat' question ?... I'm not sure but here goes anyway.


> The following might be quite harmless but it would be nice to hear of
> others exp' in this area
> Looking at the user agent section of my Webalizer generated access log
> analysis page I can see the following entry
> curl/7.12.1 (i386-redhat-linux-gnu) libcurl/7.12.1 OpenSSL/0.
> I have been to and it seems to my (currently)
> inexperienced eye
> that this software _could_ be used to do all sorts of despicable
> things to a web site.

As could be almost any other user agent - if your website allows
despicable things to be done to it.

> I guess it could also be used to 'build your own browser' so I'm not
> panicking just yet
> I have telnet and ftp disabled and access the server via ssh and scp.
> Is this likely to be some dismal little hacker trying to probe my defenses or
> am I worrying unnecessarily?

Maybe. But if your web server can really be compromised by a client that
does just what you intended when bringing the server online - i.e.
accessing it via HTTP - you have much more important things to worry
about than whether this client calls itself curl, Firefox, IE, telnet or
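
An added illustration of the reply's point, not part of the original message or of Tomcat: a triage of access log lines that judges each client by what it requested and how the server answered, while ignoring the self-reported User-Agent. The log lines, IP addresses, `EXPECTED_METHODS` and the 0.5 error-ratio threshold are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines in "combined" access log format.
SAMPLE_LOG = """\
192.0.2.10 - - [23/Aug/2007:08:01:02 +0000] "GET /index.jsp HTTP/1.1" 200 5120 "-" "curl/7.12.1 (i386-redhat-linux-gnu) libcurl/7.12.1"
192.0.2.10 - - [23/Aug/2007:08:01:09 +0000] "GET /images/logo.png HTTP/1.1" 200 2048 "-" "curl/7.12.1 (i386-redhat-linux-gnu) libcurl/7.12.1"
198.51.100.7 - - [23/Aug/2007:08:02:11 +0000] "GET /admin.jsp HTTP/1.1" 404 310 "-" "Mozilla/5.0 (Windows; U) Firefox/2.0"
198.51.100.7 - - [23/Aug/2007:08:02:12 +0000] "GET /old/login.jsp HTTP/1.1" 404 310 "-" "Mozilla/5.0 (Windows; U) Firefox/2.0"
198.51.100.7 - - [23/Aug/2007:08:02:13 +0000] "PUT /upload.jsp HTTP/1.1" 403 310 "-" "Mozilla/5.0 (Windows; U) Firefox/2.0"
"""

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<agent>[^"]*)"'
)
EXPECTED_METHODS = {"GET", "HEAD", "POST"}  # assumption: what this site serves

def summarize(log_text):
    """Per-client counts of requests, 4xx answers and unexpected methods."""
    clients = defaultdict(lambda: {"requests": 0, "client_errors": 0,
                                   "odd_methods": 0, "agents": set()})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        c = clients[m["ip"]]
        c["requests"] += 1
        c["agents"].add(m["agent"])  # recorded for context, never used for the verdict
        if m["status"].startswith("4"):
            c["client_errors"] += 1
        if m["method"] not in EXPECTED_METHODS:
            c["odd_methods"] += 1
    return dict(clients)

def worth_a_look(log_text, max_error_ratio=0.5):
    """IPs whose requests, not their self-reported agent, look like probing."""
    flagged = []
    for ip, c in summarize(log_text).items():
        if c["odd_methods"] or c["client_errors"] / c["requests"] > max_error_ratio:
            flagged.append(ip)
    return sorted(flagged)

if __name__ == "__main__":
    print(worth_a_look(SAMPLE_LOG))
```

In the constructed data the client calling itself curl fetches two ordinary pages and is not flagged, while the client presenting a browser string is flagged for its error responses and the unexpected method.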

