It's the usual muppet that has been infected... Apart from cloging up your logs they do nothing on an apache server
:) Of course if you are daft enough to run IIS ...... >:-> D Stuart Stephen wrote: >I think they are code red attacks. These shouldn't be anything to worry >about on a Tomcat server if I am correct in my thinking. They only affect >IIS. > >-----Original Message----- >From: Laura [mailto:[EMAIL PROTECTED]] >Sent: 13 June 2002 09:35 >To: Tomcat Users List >Subject: Security - Attack > > >Hi all, > >well I have, in my opinion, a very interesting question. > >Last week we went in a production enviroment: we have apache + tomcat with >an important web application xxx (http.conf has JkMount /xxx worker). > >Well, this morning I have discovered that somebody has tried to attack my >server: in the Apache error log I have found calls as >/scripts/..%5c%5c../winnt/system32/cmd.exe, /scripts/....., and so on. > >My question is: is Tomcat secure? How can I do Tomcat secure? Is all my >system secure? ( my machine is a solaris 8). > > >Thanks > > > >Laura > > > > >-- >To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> >For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> > > > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
