Hi,
It might be. But I am not sure how to find out more. Any suggestions?
Assaf
----- Original Message ----
From: Marc Boorshtein <mboorsht...@gmail.com>
To: Tomcat Users List <users@tomcat.apache.org>
Sent: Sun, November 7, 2010 6:29:09 PM
Subject: Re: Malicious host is crashing my server
JDBC? Are you sure its not an attempted SQL Injection attack?
On Sun, Nov 7, 2010 at 12:23 PM, Assaf <ass...@yahoo.com> wrote:
> Hello,
>
> I have a recurring visitor (from a fixed IP
> address: bzq-79-177-23-102.red.bezeqint.net) who is constantly visiting my
site
> and EACH time causes the server to crash. My server actually gets a JDBC begin
> failed error for the next http calls.
>
> Analyzing the logs, I cannot find out what is wrong. I can see it is a script
>as
> he is visiting the same pages in the same order (never downloading
> images/css/js). The only thing that I have noticed that is different with this
> user are the http headers he uses:
>
> "Expand HTTP read ahead 1.0"
>
> I could not google anything about those. I am running tomcat 6.0.20 on linux
> with mysql.
>
> Anyone has an idea what this can be? How to find out? Also, what can I do to
> better protect?
>
> Thanks,
>
> Assaf
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
