tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Smith <d...@cornell.edu>
Subject Re: Is Tomcat being hacked by curl ?
Date Thu, 23 Aug 2007 16:53:08 GMT
Just to nip this one early before the discussion strays too far, curl is 
NOT a hacking tool.  It's just a command line http client useful in all 
sorts of linux/unix OS scripts. 

To determine if it's being used to probe your site, you need to pay 
attention to WHAT is being requested.  The brief sample offered by the 
OP was actually very benign (no weird escape sequences or attempts to 
access a binary executable).

--David

Mark Deneen wrote:

>Once you find them, you might be hard pressed to actually do anything
>about it beyond getting in touch with their ISP.
>
>It might be easier to just block them at the firewall or on the server
>tomcat runs on with something like iptables.
>
>Mark
>
>On 8/23/07, Lyallex <lyallex@gmail.com> wrote:
>  
>
>>www.who.is
>>
>>Much more info
>>
>>...tracking the perpetrator down now ... this is fun.
>>
>>    
>>
>
>---------------------------------------------------------------------
>To start a new topic, e-mail: users@tomcat.apache.org
>To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>For additional commands, e-mail: users-help@tomcat.apache.org
>
>  
>


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message