(Debian) Linux 2.6.11.12-xenU Tomcat 5.5.20 Java 1.5.0_04 This question concerns access to a running Tomcat instance by a previously unseen/unknown user agent. I have been developing commercial sites in Java for a number of years now but this is the first time I have deployed a commercial application on my own and hence I am a complete beginner when it comes to dealing with nefarious nerks trying to hack my installation.
Is it a 'Tomcat' question ?... I'm not sure but here goes anyway. The following might be quite harmless but it would be nice to hear of others exp' in this area Looking at the user agent section of my Webalizer generated access log analysis page I can see the following entry curl/7.12.1 (i386-redhat-linux-gnu) libcurl/7.12.1 OpenSSL/0. I have been to http://curl.haxx.se/ and it seems to my (currently) inexperienced eye that this software _could_ be used to do all sorts of despicable things to a web site. I guess it could also be used to 'build your own browser' so I'm not panicking just yet I have telnet and ftp disabled and access the server via ssh and scp. Is this likely to be some dismal little hacker trying to probe my defenses or am I worrying unnecessarily. I will investigate curl further of course. Thanks Duncan --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
