Re: [SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities

2008-01-06 Thread Florian Weimer
> installing the update breaks webapps > > with the following error > org.apache.commons.logging.LogConfigurationException: > java.security.AccessControlException: access denied (java.io.FilePermission > /home/nihil/www/java/WEB-INF/classes/logging.properties read) (Caused by > java.security.Acc

Re: [SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities

2008-01-06 Thread Bernd Eckenfels
In article <[EMAIL PROTECTED]> you wrote: > (java.io.FilePermission > /home/nihil/www/java/WEB-INF/classes/logging.properties read) > (it worked before the update and permission are set correctly, i double > checked) This is a java security policy violation, not related to OS file permissions. M

netstat shows strange output

2008-01-06 Thread William Twomey
netstat | grep www | wc -l 1138 I was seeing lots of 'SYN_RECV' on port 80 coming from one host. I've tried the following iptables rules (from iptables-save). Kind of a mess, as I've been trying multiple things to solve this problem. -A INPUT -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j DROP

Re: netstat shows strange output

2008-01-06 Thread Noah Meyerhans
On Sun, Jan 06, 2008 at 01:36:26PM -0600, William Twomey wrote: > > I also disabled ipv6, which I was seeing a lot of from this host. Probably not, unless you've knowingly configured IPv6 routing and all that; you were probably seeing a lot of IPv4 mapped v6 addresses, which look (in netstat) lik

Re: [SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities

2008-01-06 Thread Nihil
On Son, 2008-01-06 at 20:14 +0100, Bernd Eckenfels wrote: > In article <[EMAIL PROTECTED]> you wrote: > > (java.io.FilePermission > > /home/nihil/www/java/WEB-INF/classes/logging.properties read) > > > (it worked before the update and permission are set correctly, i double > > checked) > > This

Re: netstat shows strange output

2008-01-06 Thread Bernd Eckenfels
In article <[EMAIL PROTECTED]> you wrote: > tcp0 0 192.168.1.240:www ba.2c.5646.static:34884 > FIN_WAIT2 You sure 192.168.1.240 is none of your addresses? Please post an ifconfig output as well as netstat -tn. > I've blocked this IP (resolves to 18255.com) on this machine usi

Re: [SECURITY] [DSA 1447-1] New tomcat5.5 packages fix several vulnerabilities

2008-01-06 Thread Nihil
On Son, 2008-01-06 at 19:54 +0100, Florian Weimer wrote: > > installing the update breaks webapps > > > > with the following error > > org.apache.commons.logging.LogConfigurationException: > > java.security.AccessControlException: access denied (java.io.FilePermission > > /home/nihil/www/java/WE

BATCH NO: (N-222-6747,E-900-56)

2008-01-06 Thread Fondazion Di Vittorio
Fondazion Di Vittorio, ITALY http://www.fondazionedivittorio.it BATCH NO: (N-222-6747,E-900-56) Dear Beneficiary, Congratulations The Foundation Di Vittorio has chosen you by the board of trustees as one of the final recipients of a cash Grant/Donation for your own personal,educational, and bu