Good morning/afternoon/night all. First post here. Hope someone can help me. I’m currently undergoing a cyber-security internship. One of my tasks is to identify, through Error codes (ie 401 403 500…) in OWA logs, all attempts to tamper with the webmail server. Now there is a lot of explanations online for the definition of error codes and all.I have come to the conclusion that 4xx and 5xx codes are the most interesting ones. But i have failed to determine which ones are interesting and may indicate a hack, if repetitive in the logs.Any help would be much appreciated.
Thanks in advance!