On Fri, Nov 15, 2013 at 05:58:27PM +0000, Schuster, David wrote:
> Nessus – is what we are using.  I found an article that if you telnet to 8005 
> and type SHUTDOWN – it will stop tomcat, which it did.  I have modified that 
> so hopefully that will fix my problem.

Ah, so it's not just a port scan.

Tomcat *should* require a specific token on the SHUTDOWN line, which
is set in server.xml as an attribute of the <Server> element:

  <Server port="-1" shutdown="a0cc3595807f8e1f">

It's doubtful that Nessus would guess such a token in a reasonable
amount of time.

http://tomcat.apache.org/tomcat-7.0-doc/config/server.html#Common_Attributes

'port' can be -1 if you are running Tomcat using jsvc or as a Windows
service, which have other ways to gracefully terminate it.  Otherwise
I'd use the usual port 8005 but set the host firewall to block it, so
that the Tomcat shutdown script can use it locally.

I copied a live Tomcat's Server element and replaced the token,
generating it this way:

dd if=/dev/urandom count=1 bs=8 2>/dev/null | od -x

-- 
Mark H. Wood, Lead System Programmer   mw...@iupui.edu
Machines should not be friendly.  Machines should be obedient.
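
Added example (not part of the original message, and not Tomcat or DSpace code): a Python check for the server.xml setting discussed above. It flags a Server element that still accepts the stock SHUTDOWN token on an enabled port and generates a replacement token from the OS random source. The function names and sample XML strings are constructed for illustration, and it assumes an omitted port or shutdown attribute behaves like the stock value.

```python
import secrets
import xml.etree.ElementTree as ET

STOCK_PORT = "8005"       # port in the server.xml that ships with Tomcat
STOCK_TOKEN = "SHUTDOWN"  # token in the server.xml that ships with Tomcat

def audit_server_xml(xml_text):
    """Return findings for the shutdown listener configured on <Server>."""
    root = ET.fromstring(xml_text)
    if root.tag != "Server":
        raise ValueError("expected <Server> as root, got <%s>" % root.tag)
    # Assumption: an omitted attribute behaves like the stock value.
    port = root.get("port", STOCK_PORT).strip()
    token = root.get("shutdown", STOCK_TOKEN)
    if port == "-1":
        return []  # listener disabled, so the token is never read from a socket
    findings = []
    if token == STOCK_TOKEN:
        findings.append("port %s accepts the stock token %r" % (port, token))
    return findings

def new_token(nbytes=8):
    """Hex token from the OS CSPRNG; 8 bytes matches the length used above."""
    return secrets.token_hex(nbytes)

# Constructed sample inputs (not taken from any real server).
STOCK = '<Server port="8005" shutdown="SHUTDOWN"><Service name="Catalina"/></Server>'
DISABLED = '<Server port="-1" shutdown="SHUTDOWN"/>'
REPLACED = '<Server port="8005" shutdown="%s"/>' % new_token()

if __name__ == "__main__":
    for name, xml in (("stock", STOCK), ("disabled", DISABLED), ("replaced", REPLACED)):
        print(name, audit_server_xml(xml) or "ok")
    print("suggested token:", new_token())
```

A non-empty result for the contents of conf/server.xml means the token should be replaced, or the port disabled or firewalled, as described in the message above.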

_______________________________________________
DSpace-tech mailing list
DSpace-tech@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/dspace-tech
List Etiquette: https://wiki.duraspace.org/display/DSPACE/Mailing+List+Etiquette
