DEV Community

Cover image for Day 10-Insufficient Logging and Monitoring Tryhackme OWASP Top 10 Challenge
Nikhil Yadav
Nikhil Yadav

Posted on

Day 10-Insufficient Logging and Monitoring Tryhackme OWASP Top 10 Challenge

[Task 31] [Day 10] Insufficient Logging and Monitoring

1 What IP address is the attacker using?

Answer> 49.99.13.16

2 What kind of attack is being carried out?

Answer> brute force

Explanation:

As you see in the given login log file status-code is client-side error code (401) Unauthorised attempting with this IP address 49.99.13.16 and continuously attempting for user login in a short sequence of time which means some automated tools (like brute-force) Trying combinations of usernames and passwords to gain access to users’ accounts.

Discussion (0)