[jboss-user] [Installation, Configuration & DEPLOYMENT] - How Jboss finds about network access
spearhead
do-not-reply at jboss.com
Sun Jan 25 04:42:51 EST 2009
Dear All,
I have just deployed a jboss server 4.2.2 in location /usr/local/src/jboss-4.2.2-GA and ran that using ./run.sh -b 0.0.0.0 &
As the installation was with default settings so we could view the jboss web console via http://ip:8080.
Now the application team started building their application and after around 2 months they knocked my saying some one was constantly trying to access in the server . The reason for that was security team was running vulnerability check on that ip block.
NOW MY QUESTION IS HOW DID THEY COME TO KNOW OF THIS? IS THERE ANYTHING ON JBOSS WHICH CAN FIND OUT ABOUT THIS?
As they are normal user account so thats not possible for them to know who tried or failed to access to system but they knew. As root only I can view the /var/log/secure and know who tried and failed or succed but how come they know that.
Thanks a lot.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4204567#4204567
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4204567
More information about the jboss-user
mailing list