I noticed a few attempts in my logs at attacking my site, where the source scanned for some RFI vulnerabilities (and did so very poorly). I decided to use it as an example for my readers, to see how a few simple techniques can be applied to take a few simple log entries and build up a reasonable profile of the attack and attackers. I have a short writeup and I have posted it to my site:
I figured this would be of interest to at least a handful of people here.
Simple Investigation of Remote-File-Include Attempts
No replies to this topic
BinRev is hosted by the great people at Lunarpages!