Tomcat黑客攻擊嘗試：嘗試驗證鎖定的用戶

Question

Jun 28, 2013 1:04:27 AM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "admin" 
Jun 28, 2013 1:04:27 AM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "admin" 
Jun 28, 2013 1:51:08 AM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "tomcat" 
Jun 28, 2013 1:51:55 AM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "tomcat" 
Jun 28, 2013 1:51:55 AM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "tomcat" 
Jun 28, 2013 1:52:36 AM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "tomcat" 
Jun 28, 2013 1:52:36 AM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "tomcat" 

我看到上述幾百次嘗試。有人試圖破解我的網站？我應該擔心嗎？

Answer 1

歡迎來到互聯網。您的服務器很可能連接到互聯網，因此它會捕獲各種背景噪音。更聰明的機器人會嘗試你正在運行的平臺的標準帳戶，其他人只會盲目地觸發隨機請求。

發生了什麼事情？不在你在這個日誌文件中的行中 - 機器人在其他情況下是否成功？誰知道。

這就是爲什麼＃1在所有強化文檔中是：消除默認帳戶。不幸的是，這在所有軟件開發過程中還不是第一，但是這種漏洞可以使用的默認帳戶越來越少。

它也很好地證明了爲什麼你不應該有100個最流行的密碼之一，易於猜測的帳戶名稱。