
How to use RBLs to protect Tomcat from compromised systems?

 
B Clark
Greenhorn
Posts: 3
Hello,

I am looking to protect my Tomcat-based web apps from bots and other infected and compromised systems. I have been doing some research, and found this article on Apache HTTPD and an Apache module named mod_access_rbl. Is there anything similar that is available for Tomcat, implemented as either a servlet or a valve?

http://www.gotroot.com/tiki-view_blog.php?blogId=2

Any other ideas you might have in protecting web apps from bots would be welcomed.

Thanks,
Brian Clark
 
William Brogden
Author and all-around good cowpoke
Rancher
Posts: 13058
The servlet API provides all you would need to keep track of blacklisted IP addresses and reject connections from them.

The equivalent of that Apache module would be a javax.servlet.Filter implementation which could track a list of IP addresses.

A Google search for "servlet blacklist filter" found some examples.

Bill
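For illustration, here is what such a Filter looks like when it consults a DNS-based blacklist instead of a static list. This is an added example, not code from Bill or from any project; the zone name rbl.example.net is a placeholder for whatever RBL you subscribe to, and only IPv4 clients are handled.

```java
import java.io.IOException;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import javax.servlet.*;
import javax.servlet.http.HttpServletResponse;

/** Rejects requests whose client IPv4 address is listed in a DNS-based blacklist (RBL). */
public class RblFilter implements Filter {
    // Hypothetical zone name; substitute the RBL zone you actually use.
    private static final String ZONE = "rbl.example.net";
    // Verdict cache so each client address is resolved once per filter lifetime (no expiry).
    private final Map<String, Boolean> verdicts = new ConcurrentHashMap<>();

    /** Reversed-octet DNSBL query name: 192.0.2.10 -> 10.2.0.192.rbl.example.net (IPv4 only). */
    static String queryName(String ipv4, String zone) {
        String[] o = ipv4.split("\\.");
        if (o.length != 4) return null;
        return o[3] + "." + o[2] + "." + o[1] + "." + o[0] + "." + zone;
    }

    boolean isListed(String ip) {
        return verdicts.computeIfAbsent(ip, addr -> {
            String q = queryName(addr, ZONE);
            if (q == null) return false;           // IPv6 or malformed: fail open here
            try {
                InetAddress.getByName(q);          // any A record answer means "listed"
                return true;
            } catch (UnknownHostException e) {
                return false;                      // NXDOMAIN means "not listed"
            }
        });
    }

    @Override
    public void init(FilterConfig cfg) {}

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        // Socket peer address; trust X-Forwarded-For only behind a proxy you control.
        if (isListed(req.getRemoteAddr())) {
            ((HttpServletResponse) res).sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }
        chain.doFilter(req, res);
    }

    @Override
    public void destroy() {}
}
```

Map it to /* in web.xml as the first filter in the chain; note that each new client costs one DNS round trip, and the cache never expires, so a listing change is only picked up after a redeploy.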
 
Tim Holloway
Saloon Keeper
Posts: 18094
B Clark wrote:
Any other ideas you might have in protecting web apps from bots would be welcomed.

Don't invent your own security service. Use one that's been tested and proven. Pretty much every do-it-yourself login/authentication system I've seen has had major flaws. No small number of them resemble the stereotypical Western town movie sets, where all that exists is the front of the building, so all you have to do is (figuratively speaking) walk around to the side. Even the better ones tend to break down once they go into maintenance mode and people who don't understand the rules get their hands on the code.

J2EE has a built-in security framework that will actually block really offensive URL requests from even getting to the application at all. While there are things I could do to improve it, I've managed to use it - or frameworks based on it - for pretty much all my security needs, and I work in areas where security is a little more critical than some people's.
 
B Clark
Greenhorn
Posts: 3
William Brogden wrote:
The servlet API provides all you would need to keep track of blacklisted IP addresses and reject connections from them.

The equivalent of that Apache module would be a javax.servlet.Filter implementation which could track a list of IP addresses.

A Google search for "servlet blacklist filter" found some examples.

Bill

Thanks for the tip. I will check this out.

Brian
 