Analyzing weblogs, part 2, RFI attacks

Published: 2010-01-29
Last Updated: 2010-01-29 04:30:13 UTC
by Johannes Ullrich (Version: 1)
0 comment(s)

The 2nd part of the "Weathering the Storm" blog series is now live [1]. In this series, I am looking at our web logs from for attacks.

I picked Remote File Inclusion (RFI) attacks because we are getting thousands a day. Just take a quick look at our web honeypot project [2]. Most of the attacks we detect are RFI attacks.



Johannes B. Ullrich, Ph.D.
SANS Technology Institute

Keywords: logs php rfi webattacks
0 comment(s)


Diary Archives