GET /CHANGELOG.txt 는 무얼 얻기 위한 스캔일까?
고민중에 구글신이 알려준 답변은 아래와 같았다
아무 이유 없는 스캔은 없나보다
Recently I've been seeing a major uptick in the following type of requests to my Apache logs:
"GET /CHANGELOG.txt HTTP/1.1" 404 211
About a month ago, I received none. Now I receive a dozen or so each day. Occasionally they are accompanied by other more obvious vulnerability scans, but usually they come by themselves.
They are all coming from IP addresses that would be very unusual for users of our server.
I'm not particularly worried about a direct security threat, because they are 404.
However my question is:
Probably someone figured out you are using a out of box solution(say a CMS) like Joomla,Wordpress,Drupal.
That CHANGELOG.txt is a file in Drupal CMS. I am not sure if that is the one on your server.
So, the attacker may be trying to know which version of CMS(Drupal) is it. So that he can use any exploits known to effect that particular version.
drupal 정보는 아래에서 확인
https://www.drupal.org/
'공부 > 콤퓨타' 카테고리의 다른 글
| Angler EK (0) | 2016.05.26 |
|---|---|
| @cc_on (JavaScript) (0) | 2016.05.26 |
| 메일 첨부파일 확인 (0) | 2016.05.17 |
| Magnitude EK (0) | 2016.04.11 |
| CK EK 변화 확인 (0) | 2016.04.01 |
