WARNING: Failed to unregister MBean with name

2016-11-30 Thread Wayne Li
Hi, I got errors as below. What is wrong please? I use Tomcat 8.0.36, Ubuntu 16.04 and Eclipse Neon 4.6. Thanks in advance. Nov 30, 2016 7:29:51 PM org.apache.coyote.AbstractProtocol stop INFO: Stopping ProtocolHandler ["http-nio-8080"] Nov 30, 2016 7:29:51 PM

Re: Unable to get SSL working on Tomcat 8.5

2016-11-30 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Todd, On 11/29/16 4:41 PM, Bartlett, Todd wrote: > The below settings work fine on 6.0 version (no other changes Im > aware of) Error received Failed to initialize component > [Connector[HTTP/1.1-443 What's the rest of the error message? >

Re: Tomcat listener not coming up - no stuck threads

2016-11-30 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 John, On 11/26/16 7:29 PM, John D. Ament wrote: > Hi, > > Looking for some external input. I've put together a simple > tomcat embedded instance designed to deploy an arbitrary set of > servlets, filters, etc. > > For some reason, when I run

Re: Apache/Tomcat vulnerability

2016-11-30 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Jaaz, On 11/30/16 1:41 PM, Jaaz Portal wrote: > no it looks like dos, its dos > > i told you they dosed before bind server until we changed it to > other vendor, and later was scanning my host for apache > vulnerabilities Okay, let's just end

Re: users Digest 30 Nov 2016 19:40:04 -0000 Issue 12825

2016-11-30 Thread tomcat
On 30.11.2016 23:00, Esmond Pitt wrote: This is getting out of hand. I am subcribed to what is supposed to be a daily digest. Today I received *seven.* What is going on? EJP Well, for one thing, this is a free user help list, for a free software product, and as well the people who create

RE: users Digest 30 Nov 2016 19:40:04 -0000 Issue 12825

2016-11-30 Thread Esmond Pitt
This is getting out of hand. I am subcribed to what is supposed to be a daily digest. Today I received *seven.* What is going on? EJP - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands,

Re: Apache/Tomcat vulnerability

2016-11-30 Thread tomcat
Let me ask you a question : if you have nothing in the logs, and there are no connections to your (Apache) server on port 80, then *what exactly* makes you think that you are under some kind of attack ? How do you know that it is not simply your application that is freezing up under normal

Re: Apache/Tomcat vulnerability

2016-11-30 Thread Jaaz Portal
hi mark, thanks, i have fixed configuration as you pointed out, maybe this will mitigate the attack before there was no connection_timeout in configuration and this things was occurring too best, artur 2016-11-30 20:29 GMT+01:00 Mark Eggers : > Artur, > > On

Save the date: ApacheCon Miami, May 15-19, 2017

2016-11-30 Thread Rich Bowen
Dear Apache enthusiast, ApacheCon and Apache Big Data will be held at the Intercontinental in Miami, Florida, May 16-18, 2017. Submit your talks, and register, at http://apachecon.com/ Talks aimed at the Big Data section of the event should go to

Re: Apache/Tomcat vulnerability

2016-11-30 Thread Mark Eggers
Artur, On 11/30/2016 10:41 AM, Jaaz Portal wrote: > no it looks like dos, its dos > > i told you they dosed before bind server until we changed it to other > vendor, > and later was scanning my host for apache vulnerabilities > > configuration is standard, the only thing i changed (after your

Re: Apache/Tomcat vulnerability

2016-11-30 Thread Jaaz Portal
no it looks like dos, its dos i told you they dosed before bind server until we changed it to other vendor, and later was scanning my host for apache vulnerabilities configuration is standard, the only thing i changed (after your guidance) is connection_timeout but this does not work for this

Re: Apache/Tomcat vulnerability

2016-11-30 Thread Mark Eggers
Artur, On 11/30/2016 8:36 AM, Jaaz Portal wrote: > hi, > they has tried again with success despite setting connection_timeout and > limiting number of clients by mod_bw > the tomcat has frozen again. > > netstat does not showed any connections on port 80 but plenty of > connections from apache to

Re: Apache/Tomcat vulnerability

2016-11-30 Thread Jaaz Portal
yes, i was in hurry and pasted wrong ip but i talked with my mate, this one that had open connection was his host checking our webpage so beside our connections there was no open http connections but plenty of that between apache and tomcat it was no slowlaris guys and with the forensics logs

Re: Apache/Tomcat vulnerability

2016-11-30 Thread Mark Eggers
Artur, On 11/30/2016 9:02 AM, Jaaz Portal wrote: > hi, > sorry, there was two open connection on port 80 > from 194.135.88.32 that is somwhere on epix.net.pl > an association of internet traffick exchange (some pirate hub) > > best, > artur 194.135.88.32 appears to be your web site, no? . . .

Re: Apache/Tomcat vulnerability

2016-11-30 Thread Jaaz Portal
hi, sorry, there was two open connection on port 80 from 194.135.88.32 that is somwhere on epix.net.pl an association of internet traffick exchange (some pirate hub) best, artur 2016-11-30 17:52 GMT+01:00 Jaaz Portal : > hi, > i looked at the logs but there are no strange

Re: Apache/Tomcat vulnerability

2016-11-30 Thread Jaaz Portal
hi, i looked at the logs but there are no strange things, traffic as usual, no errors despite this one: [Wed Nov 30 17:10:13.375912 2016] [mpm_event:error] [pid 12870:tid 139906329666752] AH00484: server reached MaxRequestWorkers setting, consider raising the MaxRequestWorkers setting any idea

Re: Apache/Tomcat vulnerability

2016-11-30 Thread Jaaz Portal
hi, they has tried again with success despite setting connection_timeout and limiting number of clients by mod_bw the tomcat has frozen again. netstat does not showed any connections on port 80 but plenty of connections from apache to localhost:8009 so it was not an attack that you has described

AW: Mounting WebDAV in Tomcat 7.0.45

2016-11-30 Thread Arno Schäfer
So, many thanks for your comments, > The general recommendation is to use a 3rd party WebDAV client. Check > the archives details (I think it is Chris that uses one). At least I found a product, what we actually use in our company and what I can take also for our project. The WebDAV Client is

Re: tomcat stopped with a fatal error by jvm

2016-11-30 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Vijay, On 11/30/16 1:49 AM, Vijay Kumar wrote: > We have an application which is running on Tomcat 7.0.33 and this > is using Java 6. You need to upgrade. > Recently, Tomcat got stopped with a Fatal Error and the error > logged in catalina.out