Four (obvious) points:
* Run as a non-privileged user (you might want to use a pre-emptive kernel to ensure performance).
* Limit access to manager and administrator to localhost, admin-ip/-net (and choose a proper password).
* Change error messages (if the service is down, don't advertise the stack trace, give a generic apology). (This is security by obscurity, but nonetheless it hides specifics that may give an attacker information about possible injections or DoS.)
* Use a web-tier:
Firewall <-> (load balancer if its for a web cluster) <-> Web frontend (Apache) <-> Firewall <-> Tomcat Application Server (cluster)
For inexpensive solutions, i.e., use two Linux servers with packet filters...
For the connections between Apache and Tomcat you have several options. If you choose Apache, you have mod_jk, mod_jk2 (deprecated), mod_proxy_ajp, mod_proxy, mod_voodoo (my favourite).
Alternatives to Apache can be simple proxying servers or caching proxies such as Squid (with an ipfilter redirect of port 80 to port 8080 on the application server). The point is that there are many options. I usually use Apache2 with mod_voodoo or mod_proxy (_ajp) on the frontend and run Tomcat on its own server only accepting connections from the web-frontend using iptables (netfilter). The downside with mod_proxy is that it is proxying - whereas voodoo forwards the client IP, etc.
Received on Jan 06 2006
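As an added example (not part of the post above), these are the Tomcat-side configuration fragments that implement the poster's second, third and fourth points: restricting the manager app by source address, replacing stack traces with a generic error page, and binding the AJP connector to the internal interface so only the web frontend can reach it. The addresses, file locations and the Tomcat 5.5/6 valve syntax (comma-separated regex list in `allow`) are assumptions.

```xml
<!-- 1. Manager app: allow only localhost and the admin net (assumed 192.0.2.0/24).
     Goes in the manager app's META-INF/context.xml (or conf/Catalina/localhost/manager.xml).
     Tomcat 5.5/6: "allow" is a comma-separated list of regular expressions;
     Tomcat 7+ expects a single regex joined with "|". -->
<Context privileged="true">
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.0\.0\.1,192\.0\.2\..*" />
</Context>

<!-- 2. Application WEB-INF/web.xml: map server errors and uncaught exceptions to a
     static page so the default Tomcat error report (stack trace, Tomcat version)
     is never shown to clients. /error.html is an assumed static file in the webapp. -->
<error-page>
  <error-code>500</error-code>
  <location>/error.html</location>
</error-page>
<error-page>
  <error-code>404</error-code>
  <location>/error.html</location>
</error-page>
<error-page>
  <exception-type>java.lang.Throwable</exception-type>
  <location>/error.html</location>
</error-page>

<!-- 3. conf/server.xml: expose only the AJP connector, bound to the internal
     interface the Apache frontend reaches (assumed 10.0.0.2); leave the plain
     HTTP connector on 8080 disabled so nothing listens on a routable port.
     Combine with host packet filtering that admits 8009 from the frontend only. -->
<Connector port="8009" protocol="AJP/1.3" address="10.0.0.2" redirectPort="8443" />
<!-- <Connector port="8080" protocol="HTTP/1.1" ... />   deliberately not enabled -->
```

The `address` binding and the packet filter are complementary: the first limits where Tomcat listens, the second limits who may connect, so a misconfiguration of either still leaves the other in place.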