Over the weekend, one of our customers got hit with what appears to have
been either a penetration attempt or a DOS attack (or both).
Their catalina.out file contains tens of thousands (probably over 100k)
of lines reporting that our webapp received a request for a nonexistent
server object, and issued a 404.
I suggested that the customer ask their network people to check their
firewall logs, to see if they can find a source, and plug it up, but of
course that only stops it from the known source IP(s).
Any suggestions on what else can be done? Anything that I should pass on
to the customer or to our webapp developers?
--
JHHL
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
