Difference between revisions of "Talk:Securing tomcat"

From OWASP
Jump to: navigation, search
(User Input)
Line 4: Line 4:
 
:do we get many advantages separating application and webapps? - Darren Edmonds
 
:do we get many advantages separating application and webapps? - Darren Edmonds
 
::it could prevent path traversal under windows, but not unix.  Separating apps from OS is common good practice anyway.  [[User:Stephendv|Stephendv]] 02:32, 9 October 2006 (EDT)
 
::it could prevent path traversal under windows, but not unix.  Separating apps from OS is common good practice anyway.  [[User:Stephendv|Stephendv]] 02:32, 9 October 2006 (EDT)
 
* Change the default HTTP port to something other than 8080.  This ensures less scripted attacks on your server, but in no way helps protect you from vulnerabilities.
 
:As you say, there's probably not any real benefit to recommending this.  [[User:Stephendv|Stephendv]] 02:32, 9 October 2006 (EDT)
 
  
 
== Network Security ==
 
== Network Security ==
Line 13: Line 10:
  
 
:Not sure what information should go here? [[User:Stephendv|Stephendv]] 04:21, 16 October 2006 (EDT)
 
:Not sure what information should go here? [[User:Stephendv|Stephendv]] 04:21, 16 October 2006 (EDT)
 +
:I was thinking of a firewall discussion in relation to protecting the server.  Perhaps this should be changed to only mention the shutdown port needs protecting in tomcat [[User:dledmonds|dledmonds]]
  
 
== User Input ==
 
== User Input ==
Line 23: Line 21:
  
 
:I think this section would be more appropriate for apps themselves, rather than applying to the server as a whole. [[User:Stephendv|Stephendv]] 04:24, 16 October 2006 (EDT)
 
:I think this section would be more appropriate for apps themselves, rather than applying to the server as a whole. [[User:Stephendv|Stephendv]] 04:24, 16 October 2006 (EDT)
 +
:Agree the section doesn't seem relevant to Tomcat as it is, but I wanted to focus on preventing one webapp ruining it for everyone.  Perhaps a full rundown on java security is out of scope, but how could we prevent a poorly written download webapp from using path traversal exploits to download files of other webapps? [[User:dledmonds|dledmonds]]
 +
 +
== Securing Manager WebApp ==
 +
 +
* Brief description of how to create a valid manager capable user
 +
* IP filtering
 +
* Renaming the manager webapp

Revision as of 06:38, 20 October 2006

Contents

Installation

  • Choose an installation directory (referenced as TOMCAT_DIR from now on), preferably on a different drive to the OS.
do we get many advantages separating application and webapps? - Darren Edmonds
it could prevent path traversal under windows, but not unix. Separating apps from OS is common good practice anyway. Stephendv 02:32, 9 October 2006 (EDT)

Network Security

Generic advice common to all server security (link).

Not sure what information should go here? Stephendv 04:21, 16 October 2006 (EDT)
I was thinking of a firewall discussion in relation to protecting the server. Perhaps this should be changed to only mention the shutdown port needs protecting in tomcat dledmonds

User Input

User data, whether it be HTTP headers or parameters, should '"never"' be trusted. It is usually the responsibility of the application to validate data, but it is important that one poorly written application doesn't compromise Tomcat as a whole.

  • global filters
  • global error pages (see above)
  • permission lockdown (see below)
I think this section would be more appropriate for apps themselves, rather than applying to the server as a whole. Stephendv 04:24, 16 October 2006 (EDT)
Agree the section doesn't seem relevant to Tomcat as it is, but I wanted to focus on preventing one webapp ruining it for everyone. Perhaps a full rundown on java security is out of scope, but how could we prevent a poorly written download webapp from using path traversal exploits to download files of other webapps? dledmonds

Securing Manager WebApp

  • Brief description of how to create a valid manager capable user
  • IP filtering
  • Renaming the manager webapp