On Thu, Jan 23, 2014 at 10:07 PM, Christopher Schultz < ch...@christopherschultz.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Howard, > > On 1/23/14, 9:05 PM, Howard W. Smith, Jr. wrote: > > On Wed, Jan 22, 2014 at 10:14 AM, Christopher Schultz < > > ch...@christopherschultz.net> wrote: > > > >> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 > >> > >> Konstantin, > >> > >> On 1/22/14, 9:03 AM, Konstantin Preißer wrote: > >>> Hi Jeffrey, > >>> > >>>> -----Original Message----- From: Jeffrey Janner > >>>> [mailto:jeffrey.jan...@polydyne.com] Sent: Tuesday, January > >>>> 21, 2014 10:19 PM > >>> > >>>> Eureka, I finally figured it out! It was a real eureka > >>>> moment, some remembrance burned its way up from my > >>>> subconscious and I had the answer. Ready guys? Really > >>>> surprised no one mentioned it. It was Windows F-ing > >>>> Firewall!!!!! > >>> > >>> Good to hear that you could find and solve the problem. > >>> > >>> (Off topic:) > >>> > >>>> I HATE WINDOWS!!!!!! > >>> > >>> What I can't quite understand is, how one can "hate" Windows or > >>> its "F-ing" firewall, if they just do what they were configured > >>> to do... ;-) > >>> > >>> When setting up the Windows Firewall, I normally only create > >>> rules for specific (TCP) ports, not for specific executables, > >>> so that the firewall allows connections to a TCP port > >>> regardless of what the name or path of the executable is. > >> > >> Actually, as surprising as it can sometimes be, I find that the > >> Windows firewall is better than iptables *because* it /can/ do > >> things like this. You can make your system a bit safer. > >> > >> For instance, if your server is compromised (yes, I know, once > >> you're owned, you're owned) and the attacker installs some > >> malware of some kind, that malware will not be able to bind to a > >> port or even make outgoing connections, even on "standard" > >> outgoing ports -- for instance HTTP. > >> > >> Lots of malware connects to external C&C servers to give > >> instructions, and the Windows wirewall makes it easy to prevent > >> that from happening even when ports like 80 are used -- and > >> typically left wide-open on servers. > >> > >> - -chris > >> > > > > +1 chris, and for these reasons/features (and more), I LOVE WINDOWS > > (SERVER 2008)!!! :) > > It's firewall notwithstanding, Microsoft Windows is a really terrible > server OS. At least Powershell gave admins the capability to do things > without having to use a GUI for every damn thing, but there is just > too much BS in a Windows box for me to ever consider it for a server. > You are definitely entitled to your opinion and OS preference. Since majority of my experience has been Windows (and even though I love being a keyboard user and hate to operate a mouse), the GUI does not bother me, since I have learned to use keyboard shortcuts to help me operate Windows apps (or GUI, as you call it), been doing those keyboard shortcuts for almost 20 years now. :) > > Add to that the fact that you have to pay insane license fees, though > you would also have to do that I suppose if you used SCO, AIX, etc. > Solaris, BSD, and Linux are all free and have entire ecosystems that > aren't dominated by the closed-source paradigm. > Actually, I have found Linux to be 'attractive', since it is 'free' and since there is less GUI and more command-line there. I had some exposure to Linux and Unix in the past, and I fell in love with UNIX just before I graduated from college, and it was at that point that I made that statement, I can see myself doing this (SPARC machine, Unix OS, and keyboard, programming etc...) for the next 5 to 10 years (as a career)...I was really in love with the keyboard (most of all, in the computer lab). :) Instead of downloading Linux and trying it out, on my own, I just decided to stay with Windows. it just works (for me). And I usually only need 1 or 2 client access licenses (CALs) per server, since I am the primary person that remotely access the server. The servers are primarily used as file servers, until recently, when I developed my first Java EE web application within the last 2 years, so now 1 of the 2 Windows servers are used only as a web (app) server. > I hope things have changed, but everyone I ever knew that ran Windows > Server OSs in production had scheduled rolling-reboots of their > servers because things just tended to "work" when they did that. > Otherwise, stuff would fail with some regularity (like every 3 days). > It's not clear to be whether restarting the OS or restarting the > application did the trick -- as we all know, most Tomcat problems are > actually webapp problems. In all my time working with Linux servers, > I've never had to resort to such foolishness, nor has anyone else I > have known. I've had servers running for over a year without a reboot. > (They usually get a reboot for certain software upgrades, so > years-running servers don't really exist... or shouldn't). > I have seen posts on this list about people experiencing issues with Windows updates and their tomcat/database not starting or shutting down successfully (or as expected)... i do not experience these things...at all. Yes, I did send several emails to the tomee list, asking why did my tomee/tomcat server restart at night around 3am. I, then, learned it was the automatic Windows updates that I configured. So, after I learned that it was the automatic updates and that my app shutdown properly and restarted automatically (since I configured the tomcat/tomee service to start, automatically on/after boot), and no database corruption and no errors in the log. My Java EE app and tomcat/tomee shuts down and restarts gracefully inspite/through-it all. I'm definitely one happy tomcat user/camper. I have learned to also ignore the IP addresses from China, Vietnam, etc... that attempt to access/manipulate my tomcat/tomee server, since the result is usually HTTP 400 or HTTP 404. :) There are still some things that I would like to do and/or learn how to do with Tomcat; hoping to do so, when/as necessary. > > - -chris > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > Comment: GPGTools - http://gpgtools.org > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iQIcBAEBCAAGBQJS4dj8AAoJEBzwKT+lPKRYs5cP/0uXPMnj9IKZB0vZRYl0+sMc > /JL/SywwibmwMD4uenWg1vPDw+KTPfLCPlww74ctc0f/+OfWKOgIPuhxwg24Hcv5 > K1Yk0437kBSvzQ3+Kitb8GXK0tVsmfyMYQfoJ4Hgc4ASBXb3PGzg4mR77/8RXQUp > P49oTk8LmAtklUo9J8wa0SL3WyLuC2tvAFonbAJgaMuJ3sRO+7WiBdKxyA+nF+T7 > Mv5shFWjT6q7lv1XGlHWDbQ1A0KZa9hYwlMdyP4zdsw1VW7Sr/q+bvBVHnepiUbA > tw88IwlzwRRdMytCxeZiWggEESIbIw5lqiZ6jtaX7+1PxG0OkPAeP2FXjw+b1SmQ > pe5nfsmKIx+6d0SwDl/xzoWa84G4JysbkB4ERRpXYCqwfUKY2/RM3E0h41x2sD/s > /appqce7cXN3tRQNVg0tGCrXDKE5Fo/94uP1m4ZXHPm9h2Y8MgTKjoa8526UEvkQ > x7ZY0U/TG4wZb0qmOqyJLXwIRrWGLkH0bIv4vdT6/nDHrkw1HFnWVeBJa0JQxcd3 > /fQuNIcgsqPiVK1Nethm5wDrprbU+oCHrCCIzu/X3mmRhPD/ttgDFZAf1GuBPss8 > 5qN5keX2Gdxvkhr3q6zBQqgd/HXNHIk7KXGPbEIeDgaXzWP2IiNiRwRfzQooyC8b > 1vf12NVQjVnFI73VONOg > =9lOm > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
