Y
Hacker News
new
|
ask
|
show
|
jobs
by
unixhero
3031 days ago
Moral of the story. For my sake:
Check the access logs.
Regularly.
1 comments
peterwwillis
3031 days ago
Why, are you bored? They can just access the db from an internal host that already has connections and exfiltrate from there. That's part of why people retrieve data using holes in web apps - it looks like a spike in normal traffic.
link
unixhero
3031 days ago
I'm sharing my takeaway after reading this. Access logs are fun to some people ;)
link