tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marc Boorshtein <mboorsht...@gmail.com>
Subject Re: Malicious host is crashing my server
Date Sun, 07 Nov 2010 17:29:09 GMT
JDBC?  Are you sure its not an attempted SQL Injection attack?

On Sun, Nov 7, 2010 at 12:23 PM, Assaf <assafn@yahoo.com> wrote:
> Hello,
>
> I have a recurring visitor (from a fixed IP
> address: bzq-79-177-23-102.red.bezeqint.net) who is constantly visiting my site
> and EACH time causes the server to crash. My server actually gets a JDBC begin
> failed error for the next http calls.
>
> Analyzing the logs, I cannot find out what is wrong. I can see it is a script as
> he is visiting the same pages in the same order (never downloading
> images/css/js). The only thing that I have noticed that is different with this
> user are the http headers he uses:
>
> "Expand HTTP read ahead 1.0"
>
> I could not google anything about those. I am running tomcat 6.0.20 on linux
> with mysql.
>
> Anyone has an idea what this can be? How to find out? Also, what can I do to
> better protect?
>
> Thanks,
>
> Assaf
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message