Brute force from our server to someone else
Hi guys,
We have received a complaint from an external source saying someone on our IP address is trying to brute force their server. they have sent us the below logs but i dont where to start looking. They dont appear to give us very much information.
Any help[ would be super appreciated.
- - [25/Oct/2014:22:33:28 +0200] "GET / HTTP/1.0" 301 260 "-" "-"
[25/Oct/2014:22:33:28 +0200] "GET / HTTP/1.0" 301 519 "-" "-"
[25/Oct/2014:22:33:29 +0200] "GET /wp-login.php HTTP/1.0" 301 272 "-" "-"
[25/Oct/2014:22:33:29 +0200] "GET /wp-login.php HTTP/1.0" 301 543 "-" "-"
[25/Oct/2014:22:33:29 +0200] "GET /blog/wp-login.php HTTP/1.0" 301 277 "-" "-"
[25/Oct/2014:22:33:29 +0200] "GET /blog/wp-login.php HTTP/1.0" 301 553 "-" "-"
[25/Oct/2014:22:33:29 +0200] "GET /demo/wp-login.php HTTP/1.0" 301 277 "-" "-"
[25/Oct/2014:22:33:29 +0200] "GET /demo/wp-login.php HTTP/1.0" 301 553 "-" "-"
[25/Oct/2014:22:33:29 +0200] "GET /wp/wp-login.php HTTP/1.0" 301 275 "-" "-"
[25/Oct/2014:22:33:29 +0200] "GET /wp/wp-login.php HTTP/1.0" 301 549 "-" "-"
25/Oct/2014:22:33:29 +0200] "GET /wordpress/wp-login.php HTTP/1.0" 301 282 "-" "-"
25/Oct/2014:22:33:29 +0200] "GET /wordpress/wp-login.php HTTP/1.0" 301 563 "-" "-"
25/Oct/2014:22:33:29 +0200] "GET /social/wp-login.php HTTP/1.0" 301 279 "-" "-"
25/Oct/2014:22:33:29 +0200] "GET /social/wp-login.php HTTP/1.0" 301 557 "-" "-"
[25/Oct/2014:22:33:29 +0200] "GET /administrator/index.php HTTP/1.0" 301 565 "-" "-"
[25/Oct/2014:22:33:29 +0200] "GET /administrator/index.php HTTP/1.0" 301 283 "-" "-"
[25/Oct/2014:22:33:29 +0200] "GET /admin.php HTTP/1.0" 301 537 "-" "-"
[25/Oct/2014:22:33:29 +0200] "GET /admin.php HTTP/1.0" 301 269 "-" "-"
[25/Oct/2014:22:33:29 +0200] "GET /uploadify/uploadify.css HTTP/1.0" 301 565 "-" "-"-
Hello :) You can find a similar thread with advice on how to address the issue at: Joomla / WordPress admin attack from my server to remote Thank you. 0
Please sign in to leave a comment.
Comments
1 comment