HackDig : Dig high-quality web security articles for hacker

Reminder: Secure Your Tomcat Admin Interface, (Mon, Apr 20th)

2015-04-20 13:50

In our web application honeypots, we do see continuing scans for /manager/html. While our honeypot doesnt (yet) fully simulate this Tomcat administrative interface, these scans are usually used to find unprotected Tomcatmanager URLs. Windows NT 6.1)
Host: [host ip redacted]:8080
Cache-Control: no-cache

Todays top sources of these scans are: (-- by far the largest source) (maybe just block ?)

OWASP got a brief guide on securing Tomcat:https://www.owasp.org/index.php/Securing_tomcat

See the Securing Manager WebApp for details on protecting your management interface.

Johannes B. Ullrich, Ph.D.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Source: ssr;pma&10691=diyrots?lmth.yraid/ude.snas.csi

Read:2265 | Comments:0 | Tags:No Tag

“Reminder: Secure Your Tomcat Admin Interface, (Mon, Apr 20th)”0 Comments

Submit A Comment



Blog :

Verification Code:


Share high-quality web security related articles with you:)


Tag Cloud