Tomcat -
1 posts in topic
Flat View  Flat View
TOPIC ACTIONS:
 

Posted By:   m_stan_m_stan
Posted On:   Tuesday, December 10, 2002 11:30 AM

Hi All, Two questions: 1. I have a JSP application running on a server. When Tomcat is running, there is a cmd type window ("Start Tomcat" window) always open on the server. The other day two weird questions popped up in that window. The questions were something like: Did you see me in browser window? Did you see me in the window too? I am not sure why and how this happened. I am 100 % sure that my application will not do anything like this, and I also double checked before sending this email. Can anybody think of a reason? 2. In the application URL, I have to display the port number..   More>>

Hi All,

Two questions:


1. I have a JSP application running on a server. When Tomcat is running, there is a cmd type window ("Start Tomcat" window) always open on the server. The other day two weird questions popped up in that window.


The questions were something like:


Did you see me in browser window?


Did you see me in the window too?


I am not sure why and how this happened. I am 100 % sure that my application will not do anything like this, and I also double checked before sending this email.


Can anybody think of a reason?



2. In the application URL, I have to display the port number....something like:
http://domain:port/app.jsp


Does displaying the port on which the webserver is running on make my server/application more prone to hacking?


By that I mean, are there any downsides to displaying the portnumber in the application URL?


Your help will be greatly appreciated.


Regards,


m_stan

   <<Less

Re: Tomcat -

Posted By:   Em_Huynh  
Posted On:   Tuesday, December 10, 2002 02:03 PM

1) This text is comming from Tomcat, specifically one of their examples. I believe you can reach it at http://[host]:[port]/examples/. Undeploy this context if you don't want to see it any more.



2) I don't think having the port displayed adds any additional security risk that isn't there already. Anyone can easily do a port scan to find out what services are running on what port. Besides, if you don't display the port, everyone knows the default for http is 80.



Hope this helps.
About | Sitemap | Contact