wireshark culprits can bypass your filter this by changing ips much better to: 1)encrypt your data BEFORE you put it on the wire http://www.mobilefish.com/developer/bouncycastle/bouncycastle.html 2)Implement SSL on Tomcat http://mircwiki.rsna.org/index.php?title=Configuring_Tomcat_to_Support_SSL
Martin Gainty ______________________________________________ Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen. Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni. > Date: Mon, 8 Nov 2010 01:09:12 -0800 > From: ass...@yahoo.com > Subject: Re: Malicious host is crashing my server > To: users@tomcat.apache.org > > DumpFilter is a good idea. For the time being we have decided to just block > the > ip address. If it comes again from a different IP, I guess we will need to > further examine! > > Thanks for all the good ideas > > Assaf > > > ----- Original Message ---- > From: David Fisher <dfis...@jmlafferty.com> > To: Tomcat Users List <users@tomcat.apache.org> > Cc: Tomcat Users List <users@tomcat.apache.org> > Sent: Mon, November 8, 2010 12:00:49 AM > Subject: Re: Malicious host is crashing my server > > You could modify the RequestDumpFilter to only dump the request for that ip > address. > > Regards, > Dave > > Sent from my iPhone > > On Nov 7, 2010, at 12:28 PM, Assaf <ass...@yahoo.com> wrote: > > > A filter to block is good. But then I would not be able to see him doing it > > again and then find out the issue. > > > > Assaf > > > > > > ----- Original Message ---- > > From: "Caldarale, Charles R" <chuck.caldar...@unisys.com> > > To: Tomcat Users List <users@tomcat.apache.org> > > Sent: Sun, November 7, 2010 6:48:20 PM > > Subject: RE: Malicious host is crashing my server > > > >> From: Assaf [mailto:ass...@yahoo.com] > >> Subject: Malicious host is crashing my server > > > >> what can I do to better protect? > > > > As a temporary preventive measure, you can disable access from this > > particular > > > IP address by configuring the RemoteAddrValve in server.xml: > > > > <Valve className="org.apache.catalina.valves.RemoteAddrValve" > > deny="79\.177\.23\.102"/> > > > > That should give you some time to work out the real fix. > > > > - Chuck > > > > > > THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY > > MATERIAL and is thus for use only by the intended recipient. If you > > received > > this in error, please contact the sender and delete the e-mail and its > > attachments from all computers. > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org >
