Hi, I have an amazon ec2 server and I use this server for my Java applications, but over the last couple of days I have one very unusual problem and am worried that someone might play on my server.
When I logged into my tomcat manager using ipaddress: 8080 / manager . He asked me to enter the username and password that I have in the tomcat-user.xml file. When I logged in, it shows only one active instance in a few minutes, it shows me that there is more than one user using the tomcat manager, but the question is that I did not transfer my credentials to anyone. Check out this screenshot.
, tomcat 94 , , . , , admin.
, , , root-tomcat-manager. .
Sep 28, 2015 4:54:02 PM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "root"
Sep 28, 2015 4:55:07 PM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "admin"
Sep 28, 2015 4:56:44 PM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "manager"
Sep 29, 2015 7:08:16 AM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "root"
Sep 29, 2015 7:08:16 AM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "tomcat"
Sep 29, 2015 7:08:16 AM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "manager"
Sep 29, 2015 7:08:16 AM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "manager"
Sep 29, 2015 7:08:19 AM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "tomcat"
Sep 29, 2015 7:08:19 AM org.apache.catalina.realm.LockOutRealm authenticate
WARNING: An attempt was made to authenticate the locked user "tomcat"
google, tomcat 755 750, , . .
, , - . , , tomcat ( ).
. .