Skip navigation

This project is read only now. Read more.

1 Reply Latest reply on Aug 10, 2011 4:45 AM by petal1

Can someone try to attack my JBoss instance by issuing JMX commands over HTTP?

petal1 Aug 4, 2011 5:16 AM

Hello,

Can someone try to attack my JBoss instance by issuing JMX commands over HTTP?

The reason I ask is that I saw this exception in my log file today and I was wondering if it was caused by an attempted attack?

ERROR [org.apache.catalina.core.ContainerBase.[jboss.web].[localhost].[/jmx-console].[HtmlAdaptor]] (http-0.0.0.0-8080-1:) Servlet.service() for servlet HtmlAdaptor threw exception

javax.management.InstanceNotFoundException: jboss.admin:service=DeploymentFileRepository is not registered.

at org.jboss.mx.server.registry.BasicMBeanRegistry.get(BasicMBeanRegistry.java:523)

at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:653)

at org.jboss.jmx.adaptor.control.Server.invokeOpByName(Server.java:258)

at org.jboss.jmx.adaptor.html.HtmlAdaptorServlet.invokeOpByName(HtmlAdaptorServlet.java:287)

at org.jboss.jmx.adaptor.html.HtmlAdaptorServlet.processRequest(HtmlAdaptorServlet.java:102)

at org.jboss.jmx.adaptor.html.HtmlAdaptorServlet.doGet(HtmlAdaptorServlet.java:77)

at javax.servlet.http.HttpServlet.doHead(HttpServlet.java:270)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:714)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)

at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)

at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)

at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)

at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)

at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:432)

at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)

at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)

at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)

at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)

at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)

at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)

at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)

at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)

at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)

at java.lang.Thread.run(Thread.java:595)

JBoss version is 4.0.4GA.

Thank you,

Paul

1. Re: Can someone try to attack my JBoss instance by issuing JMX commands over HTTP?

petal1 Aug 10, 2011 4:45 AM (in response to petal1)

I have seen this exception again. I'd be most grateful for some guidance on what could be causing this.
Thanks.
Actions