[WEB SECURITY] WASC Distributed Open Proxy Honeypot Project Update - Brute Force Probes for Apache Tomcat Admin Interfaces

Ryan Barnett rcbarnett at gmail.com
Mon Oct 5 10:21:19 EDT 2009


We are seeing some brute force probes against Apache Tomcat admin interfaces
-
http://tacticalwebappsec.blogspot.com/2009/10/wasc-honeypots-apache-tomcat-admin.html
.

If you are running Tomcat, time to double-check your "admin" and "manager"
passwords and implement some ACLs if you haven't already...

-- 
Ryan C. Barnett
WASC Distributed Open Proxy Honeypot Project Leader
OWASP ModSecurity Core Rule Set Project Leader
Tactical Web Application Security
http://tacticalwebappsec.blogspot.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20091005/5264dcd7/attachment.html>


More information about the websecurity mailing list