tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Assaf <ass...@yahoo.com>
Subject Malicious host is crashing my server
Date Sun, 07 Nov 2010 17:23:48 GMT
Hello,

I have a recurring visitor (from a fixed IP 
address: bzq-79-177-23-102.red.bezeqint.net) who is constantly visiting my site 
and EACH time causes the server to crash. My server actually gets a JDBC begin 
failed error for the next http calls.

Analyzing the logs, I cannot find out what is wrong. I can see it is a script as 
he is visiting the same pages in the same order (never downloading 
images/css/js). The only thing that I have noticed that is different with this 
user are the http headers he uses:

"Expand HTTP read ahead 1.0"

I could not google anything about those. I am running tomcat 6.0.20 on linux 
with mysql.

Anyone has an idea what this can be? How to find out? Also, what can I do to 
better protect?

Thanks,

Assaf


      

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message