tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Gainty <mgai...@hotmail.com>
Subject RE: Malicious host is crashing my server
Date Mon, 08 Nov 2010 13:05:38 GMT

wireshark culprits can bypass your filter this by changing ips
 
much better to:
1)encrypt your data BEFORE you put it on the wire
http://www.mobilefish.com/developer/bouncycastle/bouncycastle.html
2)Implement SSL on Tomcat
http://mircwiki.rsna.org/index.php?title=Configuring_Tomcat_to_Support_SSL

Martin Gainty 
______________________________________________ 
Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité

Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten
wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist
unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet
keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen
wir keine Haftung fuer den Inhalt uebernehmen.
Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire
prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe
quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information
seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les
email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune
responsabilité pour le contenu fourni.



 

> Date: Mon, 8 Nov 2010 01:09:12 -0800
> From: assafn@yahoo.com
> Subject: Re: Malicious host is crashing my server
> To: users@tomcat.apache.org
> 
> DumpFilter is a good idea. For the time being we have decided to just block the 
> ip address. If it comes again from a different IP, I guess we will need to 
> further examine!
> 
> Thanks for all the good ideas
> 
> Assaf
> 
> 
> ----- Original Message ----
> From: David Fisher <dfisher@jmlafferty.com>
> To: Tomcat Users List <users@tomcat.apache.org>
> Cc: Tomcat Users List <users@tomcat.apache.org>
> Sent: Mon, November 8, 2010 12:00:49 AM
> Subject: Re: Malicious host is crashing my server
> 
> You could modify the RequestDumpFilter to only dump the request for that ip 
> address.
> 
> Regards,
> Dave
> 
> Sent from my iPhone
> 
> On Nov 7, 2010, at 12:28 PM, Assaf <assafn@yahoo.com> wrote:
> 
> > A filter to block is good. But then I would not be able to see him doing it 
> > again and then find out the issue.
> > 
> > Assaf
> > 
> > 
> > ----- Original Message ----
> > From: "Caldarale, Charles R" <Chuck.Caldarale@unisys.com>
> > To: Tomcat Users List <users@tomcat.apache.org>
> > Sent: Sun, November 7, 2010 6:48:20 PM
> > Subject: RE: Malicious host is crashing my server
> > 
> >> From: Assaf [mailto:assafn@yahoo.com] 
> >> Subject: Malicious host is crashing my server
> > 
> >> what can I do to better protect?
> > 
> > As a temporary preventive measure, you can disable access from this particular 
> 
> > IP address by configuring the RemoteAddrValve in server.xml:
> > 
> > <Valve className="org.apache.catalina.valves.RemoteAddrValve" 
> > deny="79\.177\.23\.102"/>
> > 
> > That should give you some time to work out the real fix.
> > 
> > - Chuck
> > 
> > 
> > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY 
> > MATERIAL and is thus for use only by the intended recipient. If you received 
> > this in error, please contact the sender and delete the e-mail and its 
> > attachments from all computers.
> > 
> > 
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> > 
> > 
> > 
> > 
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> > 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
 		 	   		  
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message