I think they are code red attacks. These shouldn't be anything to worry about on a Tomcat server if I am correct in my thinking. They only affect IIS.
-----Original Message----- From: Laura [mailto:[EMAIL PROTECTED]] Sent: 13 June 2002 09:35 To: Tomcat Users List Subject: Security - Attack Hi all, well I have, in my opinion, a very interesting question. Last week we went in a production enviroment: we have apache + tomcat with an important web application xxx (http.conf has JkMount /xxx worker). Well, this morning I have discovered that somebody has tried to attack my server: in the Apache error log I have found calls as /scripts/..%5c%5c../winnt/system32/cmd.exe, /scripts/....., and so on. My question is: is Tomcat secure? How can I do Tomcat secure? Is all my system secure? ( my machine is a solaris 8). Thanks Laura -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
