Tomcat黑客攻击尝试：尝试验证锁定的用户

Question

Jun 28, 2013 1:04:27 AM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "admin" 
Jun 28, 2013 1:04:27 AM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "admin" 
Jun 28, 2013 1:51:08 AM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "tomcat" 
Jun 28, 2013 1:51:55 AM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "tomcat" 
Jun 28, 2013 1:51:55 AM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "tomcat" 
Jun 28, 2013 1:52:36 AM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "tomcat" 
Jun 28, 2013 1:52:36 AM org.apache.catalina.realm.LockOutRealm authenticate 
WARNING: An attempt was made to authenticate the locked user "tomcat" 

我看到上述几百次尝试。有人试图破解我的网站？我应该担心吗？

Answer 1

欢迎来到互联网。您的服务器很可能连接到互联网，因此它会捕获各种背景噪音。更聪明的机器人会尝试你正在运行的平台的标准帐户，其他人只会盲目地触发随机请求。

发生了什么事情？不在你在这个日志文件中的行中 - 机器人在其他情况下是否成功？谁知道。

这就是为什么＃1在所有强化文档中是：消除默认帐户。不幸的是，这在所有软件开发过程中还不是第一，但是这种漏洞可以使用的默认帐户越来越少。

它也很好地证明了为什么你不应该有100个最流行的密码之一，易于猜测的帐户名称。