Hope this is in the right forum, figured it's a site admin question. I've seen request for cgi-bin/formmail.pl go up recently on several sites. I don't have form mail, but I was wondering, does anyone have tips how to utilitze these hits to their advantage? thanks, tom
In case you don't know, formmail.pl (and others) are popular CGI scripts that older versions had security holes in 'em ... so the auto-script-kiddies poke around for 'em ... I get these every day along with a slew of other attempted IIS exploits on my Apache web server ...
Thank you Alek, I understand what the file is for, I just want to add, I was told it isn't script kiddies only. Spammers go looking for this easy exploit so they can make a buck or two, and leave the account owner holding the spam bag. Now I see many office hacks/exploits being tested, with the formmail one, what do you do with them. I started redirecting them back to the home page, and was toying with the idea of forwarding them to some popup farm, or police agency. Any suggestions? tom
I redirect especially obnoxious User Agents to a file that basically says WTF. For stuff like formmail.pl, I just let it return file not found since this means they probably won't followup on it.