web server log filesLocked
I’m looking at the log files and I can see that I’ve been looked over by “odd” requests such as cmd.exe and all sorts of other neat things. And I’ve tracked down where some of these calls come from pacific, asia etc. But what I want to know is can I determine if the order of the script that is attempting to run on my server the same footprint as one of the worms running around.
I want to better understand what the script is that is hitting me, not just who.