Seeing various probing web requests that appear to be scanning the internet for zip, tar, or gz files that likely contain the full website content. If an attacker finds a file like this on your website, they can download it and it may contain critical configuration files that contain credentials in plain text, actual source code they can analyze, or various configuration settings that they can take advantage of. Make sure you don't have these files, or anything similar, on your site and if so, remove them.
HEAD /www.tar HTTP/1.1
HEAD /www.tar.gz HTTP/1.1
HEAD /www.zip HTTP/1.1
HEAD /public_html.tar HTTP/1.1
HEAD /public_html.tar.gz HTTP/1.1
HEAD /public_html.zip HTTP/1.1
HEAD /www.mysite.com.tar HTTP/1.1
HEAD /www.mysite.com.tar.gz HTTP/1.1
HEAD /www.mysite.com.zip HTTP/1.1
More about neonprimetime
Top Blogs of all-time
Top Github Contributions
Copyright © 2016, this post cannot be reproduced or retransmitted in any form without reference to the original post.
No comments:
Post a Comment