
The Apache Tomcat shutdown port must be disabled.

An XCCDF Rule

Description

Tomcat uses a port (defaults to 8005) as a shutdown port. Someone could Telnet to the machine using this port and send the default command SHUTDOWN. Tomcat and all web apps would shut down in that case, which is a denial-of-service attack and would cause an unwanted service interruption.

ID
SV-224789r1013876_rule
Version
ISEC-06-551300
Severity
Medium

Remediation Templates

A Manual Procedure

Log in to the SPHERE server.
Browse to Program Files\Isec7 SPHERE\Tomcat\Conf.
Open the server.xml with Notepad.exe.
Select Edit >> Find, and then search for "Shutdown".
Change the shutdown port value to "-1".
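
To confirm the change after editing, the check below reads the `port` attribute of the root `<Server>` element in server.xml and reports whether it is `-1`. It is an added example, not part of the STIG or of ISEC7's tooling; the function name `Test-TomcatShutdownPort` is hypothetical, the install location under `%ProgramFiles%` is an assumption, and the XML samples are constructed.

```powershell
# Added example: audit the <Server> element of Tomcat's server.xml.
# Assumption: SPHERE is installed under %ProgramFiles%; pass -Path otherwise.
param(
    [string]$Path = (Join-Path $env:ProgramFiles 'Isec7 SPHERE\Tomcat\Conf\server.xml')
)

function Test-TomcatShutdownPort {
    param([Parameter(Mandatory)][xml]$ServerXml)

    $server = $ServerXml.DocumentElement
    if ($server.LocalName -ne 'Server') {
        throw "Root element is <$($server.LocalName)>, expected <Server>."
    }
    # A missing port attribute leaves Tomcat's default (8005) in effect.
    $port = if ($server.HasAttribute('port')) {
        $server.GetAttribute('port').Trim()
    } else {
        '8005'
    }
    [pscustomobject]@{
        Port      = $port
        Command   = $server.GetAttribute('shutdown')
        Compliant = ($port -eq '-1')
    }
}

# Audit the live file when it exists on this host.
if (Test-Path -LiteralPath $Path) {
    Test-TomcatShutdownPort -ServerXml ([xml](Get-Content -LiteralPath $Path -Raw))
} else {
    Write-Warning "server.xml not found at $Path; showing constructed samples only."
}

# Constructed samples (not taken from a real SPHERE install).
$samples = [ordered]@{
    'default'  = '<Server port="8005" shutdown="SHUTDOWN"><Service name="Catalina"/></Server>'
    'disabled' = '<Server port="-1" shutdown="SHUTDOWN"><Service name="Catalina"/></Server>'
    'implicit' = '<Server shutdown="SHUTDOWN"><Service name="Catalina"/></Server>'
}
foreach ($name in $samples.Keys) {
    $r = Test-TomcatShutdownPort -ServerXml ([xml]$samples[$name])
    '{0,-9} port={1,-5} compliant={2}' -f $name, $r.Port, $r.Compliant
}
```

Only the `disabled` sample is reported as compliant; a changed `shutdown` command string with the port still open does not satisfy the rule.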