I published the following diary on isc.sans.org: “Bots Searching for Keys & Config Files“.
If you don’t know our “404” project, I would definitively recommend having a look at it! The idea is to track HTTP 404 errors returned by your web servers. I like to compare the value of 404 errors found in web sites log files to “dropped” events in firewall logs. They can have a huge value to detect ongoing attacks or attackers performing some reconnaissance… [Read more]
[The post [SANS ISC] Bots Searching for Keys & Config Files has been first published on /dev/random]
Article Link: https://blog.rootshell.be/2017/07/19/sans-isc-bots-searching-keys-config-files/