I had an incident on my server the other day where someone had successfully 
broken into the server to execute a port scanner.

The port scanner was running under the tomcat process so I assume the 
break-in was done by getting through the Tomcat manager app.

At first I feared that I had made a blunder and left the standard tomcat 
user as manager, but that wasn't the case. Actually, while the UserDatabase 
is defined in the setup, it isn't used, as I use a JNDIRealm pointing to 
OpenLDAP where only one manager account is defined.

So did they just use brute force, or might there be another way they could 
have gotten in?

Henrik
http://www.blingon.com 




---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org