Linux Today: Linux News On Internet Time.

More Results from Realeyes

Oct 30, 2008, 18:06 (0 Talkback[s])
(Other stories by Jim Sansing)

[ Thanks to JJS for this link. ]

"The most interesting one was 'GET /manager/html'. This appears to be a Tomcat exploit which tries to gain access to the administrator account. Of the dozen web servers that received this request, all but one replied with 404 "Not Found". The other one replied with 401 "Unauthorized" and the source host then sent over 150 variations of the authorization code field. The codes were mixtures of numbers and mixed case letters that looked like they were taken from a table. Some were as long as 25 characters, while others were only 5 or 6 characters. Fortunately, none were successful."

Complete Story

Related Stories: