file under logs directory

Hi guys,

I have a customer that is facing a security issue with SUN One Web server 6.1. In particular, the access file under the logs directory has some usernames and passwords not encrypted... Does anybody know how to fix this? Is it something related to the Sun One server configuration?

Thanks in advance

[317 byte] By [san2rinia] at [2007-11-26 16:03:55]
# 1

Please post the actual line(s) from their access file (obscure password but preserve the structure).

That said, the access file only has entries for each request received by the server. If there is a password there it surely was sent in the request by the client application (e.g. something like "GET /myapp?mypassword=secret"). If so, they will need to rewrite their application to avoid sending sensitive info in the URI parameters.

jyria at 2007-7-8 22:25:49 > top of Java-index,Web & Directory Servers,Web Servers...
# 2

Hi, thanks for your response. I thought it would be an application issue. Anyway, here is the output (username and password obscured, but structure preserved).

10.6.186.158 - - [01/Jan/2007:10:25:23 +0100] "POST /eaidispatcher_enu/start.swe? HTTP/1.0" 200 575

10.6.186.159 - - [01/Jan/2007:10:25:23 +0100] "POST /eaidispatcher_enu/start.swe? HTTP/1.0" 200 575

10.6.186.159 - - [01/Jan/2007:10:25:23 +0100] "POST /eaidispatcher_enu/start.swe? HTTP/1.0" 200 575

10.6.186.158 - - [01/Jan/2007:10:25:23 +0100] "POST /eaidispatcher_enu/start.swe? HTTP/1.0" 200 537

10.6.186.159 - - [01/Jan/2007:10:25:26 +0100] "POST /eaidispatcher_enu/start.swe? HTTP/1.0" 200 575

10.6.154.4 - - [01/Jan/2007:10:25:26 +0100] "POST /eai_enu/start.swe HTTP/1.1" 200 511

10.6.186.159 - - [01/Jan/2007:10:25:25 +0100] "POST /eaidispatcher_enu/start.swe? HTTP/1.0" 200 575

10.6.186.159 - - [01/Jan/2007:10:25:25 +0100] "POST /eaidispatcher_enu/start.swe? HTTP/1.0" 200 539

10.6.186.158 - - [01/Jan/2007:10:25:25 +0100] "POST /eaidispatcher_enu/start.swe? HTTP/1.0" 200 539

10.6.186.159 - - [01/Jan/2007:10:25:28 +0100] "POST /eaidispatcher_enu/start.swe? HTTP/1.0" 200 575

10.6.186.159 - - [01/Jan/2007:10:25:28 +0100] "POST /eaidispatcher_enu/start.swe? HTTP/1.0" 200 575

10.6.186.159 - - [01/Jan/2007:10:25:29 +0100] "POST /eaidispatcher_enu/start.swe? HTTP/1.0" 200 588

10.6.154.4 - - [01/Jan/2007:10:25:30 +0100] "POST /eai_enu/start.swe HTTP/1.1" 200 512

10.6.186.159 - - [01/Jan/2007:10:25:30 +0100] "POST /eaidispatcher_enu/start.swe? HTTP/1.0" 200 575

10.6.65.27 - - [01/Jan/2007:10:25:31 +0100] "POST /eaidispatcher_enu/start.swe?SWEExtCmd=Execute&SWEExtSource=CUWPRSetCampContactOnLine&UserName=xxxxxxxxxxxxx&Password=xxxxxxxxxxxxxxx HTTP/1.1" 200 586

10.6.186.159 - - [01/Jan/2007:10:25:30 +0100] "POST /eaidispatcher_enu/start.swe? HTTP/1.0" 200 537

10.6.186.159 - - [01/Jan/2007:10:25:32 +0100] "POST /eaidispatcher_enu/start.swe? HTTP/1.0" 200 575

10.6.186.159 - - [01/Jan/2007:10:25:37 +0100] "POST /eaidispatcher_enu/start.swe? HTTP/1.0" 200 537

10.6.186.158 - - [01/Jan/2007:10:25:38 +0100] "POST /eaidispatcher_enu/start.swe? HTTP/1.0" 200 537

san2rinia at 2007-7-8 22:25:49
# 3
Obviously your application posts the username/pass in the query string.
wyb2005a at 2007-7-8 22:25:49
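
As the replies explain, the access file records each request line as received, so credentials sent in the query string end up in the log. The script below is an added example, not part of the original thread or of the web server's own tooling: it audits access-log lines in the format shown above for sensitive query parameters and produces redacted copies. The parameter-name list and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

# Log format as seen in the thread: host ident user [time] "METHOD URI PROTO" status bytes
CLF = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<uri>\S+) (?P<proto>[^"]+)" (?P<status>\d{3}) (?P<size>\S+)$')

# Parameter names treated as sensitive (assumed list; extend for your application).
SENSITIVE = {"password", "passwd", "pwd", "pass", "username", "user", "token", "secret"}

SAMPLE = [  # constructed lines in the same format as the excerpt in the thread
    '192.0.2.10 - - [01/Jan/2007:10:25:30 +0100] "POST /eaidispatcher_enu/start.swe? HTTP/1.0" 200 575',
    '192.0.2.11 - - [01/Jan/2007:10:25:31 +0100] "POST /eaidispatcher_enu/start.swe?'
    'SWEExtCmd=Execute&UserName=alice&Password=s3cret HTTP/1.1" 200 586',
]

def scan_line(line):
    """Return (redacted_line, [sensitive parameter names]) for one access-log line."""
    m = CLF.match(line.strip())
    if not m:
        return line, []          # not a request line we understand; leave untouched
    uri = m.group("uri")
    path, sep, query = uri.partition("?")
    hits = [k for k, _ in parse_qsl(query, keep_blank_values=True) if k.lower() in SENSITIVE]
    if not hits:
        return line, []
    def mask(p):                 # mask only the values of sensitive parameters
        name = p.group(1)
        return f"{name}=[REDACTED]" if name.lower() in SENSITIVE else p.group(0)
    redacted_uri = path + sep + re.sub(r'([^&=]+)=([^&]*)', mask, query)
    return line.replace(uri, redacted_uri, 1), hits

def audit(lines):
    """Return [(line_number, hits, redacted_line)] for lines exposing sensitive parameters."""
    findings = []
    for n, line in enumerate(lines, 1):
        redacted, hits = scan_line(line)
        if hits:
            findings.append((n, hits, redacted))
    return findings

if __name__ == "__main__":
    for n, hits, redacted in audit(SAMPLE):
        print(f"line {n}: {', '.join(hits)} in query string\n  {redacted}")
```

Redacting existing logs only cleans up what was already written; the fix suggested in the thread, changing the application so it stops sending credentials in the URI, is what prevents new entries.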