This document contains excerpts from my web server logs collected over a period of 7 years that shows various kinds of recon and attack vectors.
There were a total of 37.2 million lines of logs out of which 1.1 million unique HTTP requests (Method + URI) were found.
$ sed 's/^.* - - \[.*\] "\(.*\) HTTP\/.*" .*/\1/' access.log > requests.txt
| #!/bin/sh | |
| # Make sure to: | |
| # 1) Name this file `backup.sh` and place it in /home/ubuntu | |
| # 2) Run sudo apt-get install awscli to install the AWSCLI | |
| # 3) Run aws configure (enter s3-authorized IAM user and specify region) | |
| # 4) Fill in DB host + name | |
| # 5) Create S3 bucket for the backups and fill it in below (set a lifecycle rule to expire files older than X days in the bucket) | |
| # 6) Run chmod +x backup.sh | |
| # 7) Test it out via ./backup.sh |
This document contains excerpts from my web server logs collected over a period of 7 years that shows various kinds of recon and attack vectors.
There were a total of 37.2 million lines of logs out of which 1.1 million unique HTTP requests (Method + URI) were found.
$ sed 's/^.* - - \[.*\] "\(.*\) HTTP\/.*" .*/\1/' access.log > requests.txt