Something hit Tomcat & crashed Port 9001

If you have questions or if you want to share your opinion about Aware IM post your message on this forum
Post Reply
Jaymer
Posts: 1996
Joined: Tue Jan 13, 2015 10:58 am
Location: Tampa, FL
Contact:

Something hit Tomcat & crashed Port 9001

Post by Jaymer »

I've been having some issues with port 9000 not responding over the past few weeks.
It COULD be because a lot of other services have been put on this company's server (php, older MSSQL, etc), so some threads here said to change to 9001.
Thats been working fine for a few days.
Today I could not log in and could not start Config Tool. Said port 9001 might be blocked (of course, it couldnt be).
Tomcat output had a weird message in it.
And I checked Tomcat logs.
This is an image of both - showing an event that appears to be the culprit.
Don't know why Tomcat didn't report it as "GET" or "POST" or any of the other possible values.
Restarted aware and all is fine now.
Attachments
port 9001 crash.PNG
port 9001 crash.PNG (107.7 KiB) Viewed 5825 times
Click Here to see a collection of my tips & hacks on this forum? Or search for "JaymerTip" in the search bar at the top.

Jaymer
Aware Programming & Consulting - Tampa FL
ACDC
Posts: 1022
Joined: Sat Jun 30, 2007 5:03 pm

Re: Something hit Tomcat & crashed Port 9001

Post by ACDC »

Today I could not log in and could not start Config Tool. Said port 9001 might be blocked (of course, it couldnt be).
But it was blocked
Attachments
blocked.jpg
blocked.jpg (18.63 KiB) Viewed 5822 times
ACDC
Posts: 1022
Joined: Sat Jun 30, 2007 5:03 pm

Re: Something hit Tomcat & crashed Port 9001

Post by ACDC »

If you use Netstat to monitor the port you will see the culprit

If the port has been used by another program and its not evident (its gone away) the AwareIm server will not re- use the port, it needs a reboot. Try using an obscure port eg. 9212

Its obvious that the AwareIM server is not latching port 9000, that's why it gets used by another source and then AIM cannot connect again - I think this is a bug that's been around forever and caused much distress
Jaymer
Posts: 1996
Joined: Tue Jan 13, 2015 10:58 am
Location: Tampa, FL
Contact:

Re: Something hit Tomcat & crashed Port 9001

Post by Jaymer »

system totally stopped responding tonight - was up 6-8 hours before I noticed it.
No weird msg like in the OP, but Port 9001 stopped responding.
Using --> netstat -na | find "9001"
returned this:
port 9001 crash 3.PNG
port 9001 crash 3.PNG (38.57 KiB) Viewed 5703 times
All those addresses are outside the US - hackers.
Not trying RDP or SQL or Windows logins, so my instrusion software doesn't ban them.
But they also were not showing up in the Tomcat log - so I'm not sure what someone is doing attached to 9001.
I changed the port # to something else.
Click Here to see a collection of my tips & hacks on this forum? Or search for "JaymerTip" in the search bar at the top.

Jaymer
Aware Programming & Consulting - Tampa FL
ACDC
Posts: 1022
Joined: Sat Jun 30, 2007 5:03 pm

Re: Something hit Tomcat & crashed Port 9001

Post by ACDC »

It seems your firewall is open for incoming on 9001 , it should be closed, its only required at the AIM server level

This is exactly what happend to me, a foreign IP address in Iran was making periodic connections on port 9000. Becuase it was intermittent it was hard to make the discovery. But when I kept refreshing netstat (like watching paint dry) the scum bags were exposed.

The problem here is AIM will not reconnect if the port was hijacked for a brief moment by something else . This bug should be sorted out
Jaymer
Posts: 1996
Joined: Tue Jan 13, 2015 10:58 am
Location: Tampa, FL
Contact:

Re: Something hit Tomcat & crashed Port 9001

Post by Jaymer »

thx
but my firewall has to be open on that port so I can run the Config Tool remotely from home.
I changed it to another 9xxx port and no one has even latched on today.
not sure whats so common about 9000/9001, but I might be good now.
Click Here to see a collection of my tips & hacks on this forum? Or search for "JaymerTip" in the search bar at the top.

Jaymer
Aware Programming & Consulting - Tampa FL
ACDC
Posts: 1022
Joined: Sat Jun 30, 2007 5:03 pm

Re: Something hit Tomcat & crashed Port 9001

Post by ACDC »

but my firewall has to be open on that port so I can run the Config Tool remotely from home.
I have never been able to get that right, I assumed the server and the workstation had to be on the same LAN :shock:

How do you do that?
BLOMASKY
Posts: 1280
Joined: Wed Sep 30, 2015 10:08 pm
Location: Ocala FL

Re: Something hit Tomcat & crashed Port 9001

Post by BLOMASKY »

I use the "Client / Server" config all the time with Aware running on my customers windows server, and I am working from home. Either, like you said, I have to use a VPN to be on the same network OR (which I do), I open my public IP in the firewall for the appropriate ports and, when home, can just connect with the config tool.

Bruce
ACDC
Posts: 1022
Joined: Sat Jun 30, 2007 5:03 pm

Re: Something hit Tomcat & crashed Port 9001

Post by ACDC »

I have to use a VPN to be on the same network OR (which I do), I open my public IP in the firewall for the appropriate ports and, when home, can just connect with the config tool.
So it's possible as long as you have a VPN in place ?

I tried this once and could not get it to work, so I just RDP into the server. I wonder which is better ?
Post Reply