Hi John, As it turns out, I no longer have access to the author of the program I posted. Could elaborate on what the vulnerability is and how to implement the same functionality in a more secure manner?
Thanks for your insights. Larry On Fri, Oct 17, 2014 at 1:26 AM, John Baker <[email protected]> wrote: > Larry > > I wouldn't suggest using that JSP :) It is running a native application > (hostname) to get the hostname that is readily available from a Java API > call. > > Running native applications isn't going to do the performance of your Mid > Tier any good, and anyone with a copy of wget can almost certainly kill > your Mid Tier pretty quickly. > > The Java InetAddress API is what you should be using for this task. > > > John > > > _______________________________________________________________________________ > UNSUBSCRIBE or access ARSlist Archives at www.arslist.org > "Where the Answers Are, and have been for 20 years" > _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"
