Thanks to Christopher , Rainer, and Rainer again. I will try to understand
the jsvc.
But for SMF, because we don't run tomcat as root, I am not sure if SMF can
be set and run by normal user. I need check that first.
My idea is, for most applications, normally I get three options: start, stop
and
On 07/11/2010 01:27, Jim Riggs wrote:
On Nov 6, 2010, at 2:17 PM, Christopher Schultz wrote:
I believe (if I heard it correctly), either Mark T. or Tim F.
explained at ApacheCon this week that the minimum is not immediate.
It needs to build up to that level. So, when you start Tomcat, you
Thanks for pointing out that I needed tomcat-juli.jar and for the detailed
explanation of your setup; it was very helpful. By adding tomcat-juli.jar to
the instance bin directory and modifiying my startup/shutdown scripts
accordingly, I was able to get the second tomcat instance working.
I
Hello,
I have a recurring visitor (from a fixed IP
address: bzq-79-177-23-102.red.bezeqint.net) who is constantly visiting my site
and EACH time causes the server to crash. My server actually gets a JDBC begin
failed error for the next http calls.
Analyzing the logs, I cannot find out what is
JDBC? Are you sure its not an attempted SQL Injection attack?
On Sun, Nov 7, 2010 at 12:23 PM, Assaf ass...@yahoo.com wrote:
Hello,
I have a recurring visitor (from a fixed IP
address: bzq-79-177-23-102.red.bezeqint.net) who is constantly visiting my
site
and EACH time causes the server
Hi,
It might be. But I am not sure how to find out more. Any suggestions?
Assaf
- Original Message
From: Marc Boorshtein mboorsht...@gmail.com
To: Tomcat Users List users@tomcat.apache.org
Sent: Sun, November 7, 2010 6:29:09 PM
Subject: Re: Malicious host is crashing my server
JDBC?
From: Assaf [mailto:ass...@yahoo.com]
Subject: Malicious host is crashing my server
what can I do to better protect?
As a temporary preventive measure, you can disable access from this particular
IP address by configuring the RemoteAddrValve in server.xml:
Valve
the culprit will change IPs
are you implementing SSL?
are you encrypting your data before putting on the wire?
Martin
__
Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité
Diese Nachricht ist vertraulich. Sollten Sie nicht der
From: Martin Gainty [mailto:mgai...@hotmail.com]
Subject: RE: Malicious host is crashing my server
the culprit will change IPs
That's why I said it was a temporary workaround. However, given the DNS name
in use, it is likely assigned via DHCP by the perp's ISP, so an IP mask could
be used
Do a search on SQL injection and you will get plenty of results
Sent from my iPad
On Nov 7, 2010, at 1:03 PM, Caldarale, Charles R chuck.caldar...@unisys.com
wrote:
From: Martin Gainty [mailto:mgai...@hotmail.com]
Subject: RE: Malicious host is crashing my server
the culprit will change
I know what sql injection is. But I cannot find any clues to it. None of the
requests have any paramers or posting. Anyone has an idea how to find if this
is
the case?
- Original Message
From: Marc Boorshtein mboorsht...@gmail.com
To: Tomcat Users List users@tomcat.apache.org
Sent:
A filter to block is good. But then I would not be able to see him doing it
again and then find out the issue.
Assaf
- Original Message
From: Caldarale, Charles R chuck.caldar...@unisys.com
To: Tomcat Users List users@tomcat.apache.org
Sent: Sun, November 7, 2010 6:48:20 PM
Subject:
That number is not necessarily the IP address used to connect to your
server.
On Sun, Nov 7, 2010 at 6:28 PM, Assaf ass...@yahoo.com wrote:
A filter to block is good. But then I would not be able to see him doing it
again and then find out the issue.
Assaf
- Original Message
On 07.11.2010 18:23, Assaf wrote:
Hello,
I have a recurring visitor (from a fixed IP
address: bzq-79-177-23-102.red.bezeqint.net) who is constantly visiting my site
and EACH time causes the server to crash. My server actually gets a JDBC begin
failed error for the next http calls.
Can you
Any cookies or headers?
Sent from my iPad
On Nov 7, 2010, at 1:27 PM, Assaf ass...@yahoo.com wrote:
I know what sql injection is. But I cannot find any clues to it. None of the
requests have any paramers or posting. Anyone has an idea how to find if this
is
the case?
- Original
What do the server logs actually show? What do the database logs show?
Depending upon the database, turn on the maximum level of debugging to see what
they are issuing.
It might even be a crawler doing this accidentally. Can you access the same
pages in the same order with no ill effects to the
You could modify the RequestDumpFilter to only dump the request for that ip
address.
Regards,
Dave
Sent from my iPhone
On Nov 7, 2010, at 12:28 PM, Assaf ass...@yahoo.com wrote:
A filter to block is good. But then I would not be able to see him doing it
again and then find out the issue.
On Thu, Nov 4, 2010 at 9:10 PM, Christopher Schultz
ch...@christopherschultz.net wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Sasidhar,
On 11/4/2010 8:34 AM, sasidhar prabhakar wrote:
The class is fine but in log it is showing this one. Here everything
closed
fine.
Then why
18 matches
Mail list logo