Seems like the infection was related to the loose (default) password
of the manager app. I suppose changing that fixed the problem.
On Thu, Jan 22, 2009 at 4:26 PM, Toby Kurien tobyis7...@gmail.com wrote:
thanks. I only need ROOT and myApp (which is my application). I am the
developer, admin
Hi,
I have a webapp for my company that has been running for several
years. Recently, we got infected by a trojan or virus and this has
been causing a lot of abnormal behavior. The trojan creates user
accounts in Windows and also creates web applications like safee.war
and zhu.war into the webapps
of Windows?
Are you up to date on your Windows patches?
From: Toby Kurien tobyis7...@gmail.com
To: users@tomcat.apache.org
Sent: Thursday, January 22, 2009 9:16:46 AM
Subject: SECURITY breach in Tomcat
Hi,
I have a webapp for my company that has been
, Jan 22, 2009 at 4:39 PM, Toby Kurien tobyis7...@gmail.com wrote:
[ Tomcat hacked ]
Basic lesson concerning security:
If a system is once compromised, there is only one option:
Dump it and set it up vanilla.
Why?
It's because you have no idea what additional malware has been
installed
.
On Thu, Jan 22, 2009 at 12:14 PM, Gregor Schneider
rc4...@googlemail.com wrote:
Toby,
On Thu, Jan 22, 2009 at 5:27 PM, Toby Kurien tobyis7...@gmail.com wrote:
Thanks Gregor. We are looking at setting up in Linux, but that is
going to take longer to get a LIVE environment up and running. I have
thanks. I only need ROOT and myApp (which is my application). I am the
developer, admin, everything. And yes, we moved between physical
server racks that actually host Virtual environments.
On Thu, Jan 22, 2009 at 3:15 PM, Gregor Schneider rc4...@googlemail.com wrote:
Moving servers mean we
Hi,
Here's the weirdest thing I have found now. If I restart the service
from Services in computer management, it restarts fine, but if I
click Stop and then Start after a 30 second delay, the same error as
before happens which is:
Dec 3, 2008 8:39:31 PM org.apache.coyote.http11.Http11AprProtocol
it was
bound as a listening port.
Hope this is a pointer in the right direction.
Best regards
Stefan
-Ursprüngliche Nachricht-
Von: Toby Kurien [mailto:[EMAIL PROTECTED]
Gesendet: Donnerstag, 4. Dezember 2008 16:38
An: Tomcat Users List
Betreff: Re: java.lang.Exception: Socket bind failed
.
On Fri, Nov 21, 2008 at 10:36 AM, Toby Kurien [EMAIL PROTECTED] wrote:
Telnet does not work and netstat does not show anything suspicious.
Only the webserver listening on port 80. I would like to know if I can
kill any process from netstat or otherwise (other than from Task
Manager
On Wed, Nov 19, 2008 at 2:59 PM, Caldarale, Charles R
[EMAIL PROTECTED] wrote:
From: Toby Kurien [mailto:[EMAIL PROTECTED]
Subject: java.lang.Exception: Socket bind failed: [730048]
I have attached a log file of the errors I am
getting while trying to start Tomcat.
Nov 19, 2008 12:55:22 PM
, Toby Kurien [EMAIL PROTECTED] wrote:
Well, I have had this application for many years and usually
restarting the whole server fixes anything, but not this time. I
figure something is holding on to port 80, but I am not able to find
out or terminate it. I have a bad feeling there might
Hi Everybody,
I have been using Apache Tomcat 5.5.23 with Java 1.5.0_12. OS is Windown Server
2003. Tomcat connects to an Informix database and I have been using this
application at my company without any major issues so far for more than 2
years. Lately we noticed some suspicious activities
12 matches
Mail list logo