In our web application honeypots, we do see continuing scans for "/manager/html". While our honeypot doesn't (yet) fully simulate this Tomcat administrative interface, these scans are usually used to find unprotected Tomcat manager URLs. The full request:
Today's top sources of these scans are: 222.186.21.117 (<-- by far the largest source) OWASP got a brief guide on securing Tomcat: https://www.owasp.org/index.php/Securing_tomcat See the "Securing Manager WebApp" for details on protecting your management interface.
--- |
Johannes 4478 Posts ISC Handler Apr 20th 2015 |
Thread locked Subscribe |
Apr 20th 2015 7 years ago |
Sign Up for Free or Log In to start participating in the conversation!