tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Tomcat access log reveals hack attempt: "HEAD /manager/html HTTP/1.0" 404
Date Tue, 16 Apr 2013 19:51:02 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

David,

On 4/16/13 2:53 PM, David kerber wrote:
> On 4/16/2013 2:26 PM, André Warnier wrote:
> 
> ...
> 
>> The trick is to make the vaccine cheap enough and easy enough to 
>> administer, so that there will be a significant enough proportion
>> of "vaccinated servers" to make the virus statistically
>> ineffective. Maybe if we find a simple patch to Tomcat to
>> introduce this 404-delay, we could hire a botnet to distribute
>> the patch ?
>> 
>> Mmmm, maybe there is another idea there : how about an
>> anti-botnet botnet ?
> 
> Microsoft already works with the DOJ and DHS occasionally doing 
> something like this.  It has been a while, but I have seen
> articles referring to it.

There are lots of ethical concerns with writing a virus or worm that
goes around patching systems to make them more secure. I'm fairly sure
that idea was invented a few minutes after the first Internet worm was
discovered and mostly discarded as being a bit too devious to implement.

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCAAGBQJRbaulAAoJEBzwKT+lPKRYFeEQAKAtih4yjf2Eo9GjjkMv+Ep9
qkCijwXvBD2M1PcIRuJ4+aSyT6Xlslgz0sbHlkV/6XxLtRmVJrWoMh9v9lF9foCm
chCHoHcvNJpHfsFOLArhvnFwlZKtAwQYKvpjhZMTZHUog+7Da3f1oFaW/3SNdG/3
0cttkF7F5GsMvko5awxEZZcckcFaDyX3gd/4xXKxNl2Rx4J4YKwrpimTSRAXIiH5
Tc2g9+Q1cVq/XsOkSwoLMZaVrCXq2/TUj8CP2xhn06dooOj3fFItzdcB1CtKH8ZG
MIKwsoCgbFvM0vCUWp+NJc+O2RCiiAgI6LMRSm36CQSLGFJthb+0kikgPto+XEJJ
CqJbeq6+db7esuHKeJbDD8mF50AHhBiHtS0F6YWz9kekHv1l0xtorQCfM8Nj/OH/
AzseO19TAEUyFPxHKTawpSoCKBw/psou15ii47Saeo5vKFtIrO/Vl4ty7eT2KEOe
AvXIU86gYI3F5VaZuOZLmfBNS4rz5Zz+d9z6613HwP6eRCR/q9ynx6tfLEPJqKRr
v189T1zdRXany5qW+vRQzfnJ1NWX9luAnyjo4dvMrah1bjRkXc1uiILOrxjqq9jl
MuTStz21SCLnO/yNNWOfIKM1xweSrWFKTlUTcaocWNB48635llQdOK5KoT6v1LO1
8nHdAe3ft9Q82EZ/a+Cg
=DGXS
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message