this morning at 2AM there was some kind of DOS attack on tomcat. the catalina.out file filled up 2G of data in two hours. The lines looked like this:
Code:
Binding to 10.10.131.83:20112
Binding to 10.10.131.83:28344
Binding to 10.10.131.83:19603
Binding to 10.10.131.83:26041
Binding to 10.10.131.83:40223
Binding to 10.10.131.83:39108
Binding to 10.10.131.83:28010
Binding to 10.10.131.83:8308
Binding to 10.10.131.83:9134
This IP address is not on my system. This didn't become a DOS condition until catalina.out filled up over 2G and the logger didn't rotate it. Tomcat stopped running because it couldn't log. I had to manually rotate catalina.out to get it back up.

I have never seen this kind of condition before. Could someone here give me a clue if it looks familliar?