Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1414
  • Last Modified:

Snoop servlet detected

Is anyone familiar with Snoop servlet and how to remove them?

our network was scanned to ensure it was PCI compliant and also to make sure there were no vulnerabilities in our network. One of the vulnerabilities found after the scan was snoop servlet and they said the Snoopservlet was a utility which provided information about requests to web application.
the action they recommended us to take is " remove all demo and debug code from production web servers so that no unintended functionaliyt is not exposed to external user"
I am Not sure how to locate the deo code o debug code.

it we as detected on my webserver which hosts websites that are accessible to our customers.
i am trying to remove this but to no avail. i have scanned my server with all kinds of antispyware and anti virus.

From my research online  it is usually part of tomcat 3.1 but it i am not running Tomcat on that server. I have also read that it can be part of java programs.

I am not sure as to how to locate this snoop servlet code. our websites were programmed using cold fusion like 8 years ago. right now everyone is not sure how to fix it since the original programmer is not accessible.
0
cchibonga
Asked:
cchibonga
  • 4
  • 2
1 Solution
 
objectsCommented:
what servlet container is running on the box?
(if none is running then there is no problem)

also do a file search for *.class and *.jar files

0
 
cchibongaAuthor Commented:
how do i know what servlet container is being used?
0
 
cchibongaAuthor Commented:
i did  a search for .jar and .class extensions and it came up with a bunch of files how do i know which one has the snoop servlet?
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
objectsCommented:
check the process list

post list the list of jars/files you found and I'll check it for you.

0
 
cchibongaAuthor Commented:
here are the screen shot with the .jar files.

when you talk about the process list you mean services.msc right ?
jar-files.doc
0
 
cchibongaAuthor Commented:
I am closing ths question.
thank you for your effort.

We ended up appealing the PCI results as being false positive and they accepted the appeal.
0

Featured Post

New Tabletop Appliances Blow Competitors Away!

WatchGuard’s new T15, T35 and T55 tabletop UTMs provide the highest-performing security inspection in their class, allowing users at small offices, home offices and distributed enterprises to experience blazing-fast Internet speeds without sacrificing enterprise-grade security.

  • 4
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now