True, but just because you are getting malformed URLs every day also doesn't mean the target is specifically tomcat. ;) If you're using tomcat standalone, your "hacker" only knows something is answering on port 80. It could just be a generic vulnerability scan on a particular address space.
John Turner [EMAIL PROTECTED] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, July 25, 2002 3:01 PM To: Tomcat Users List Subject: Re: Hardening Tomcat 3.2.4 ...snip... Agreed that overall best practices are important. In big companies, probably there will be teams who can guarantee a clean and safe Internet connection and one worries only about Tomcat. For smaller efforts, that luxury is generally not available. Looking at "hardening" does not imply that there are vulnerabilities. The fact that everyday I get malformed URLs seem to imply that some exploit or other does exist (may be not in the latest version). das -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>