While having a look at my visitor logs (Cpanel), I noticed this line: "Agent: libwww-perl/5.805" My understanding is that it is a perl script running... But is it running internally on the server (by my hosting company) or is it external (proxy, hacker, google translation tool...) This script visited many pages (only .php no images) and used more than one IP. IPs used 64.92.199.54 64.92.199.12 64.92.199.43 64.92.199.11 .... 64.92.199.* Does someone have an idea what this is.
Recently I'm seeing random scanning from different IPs using the perl user-agent. They are probing the site with common script vulnerabilities like remote code injection.
Thanks for the info Can anyone else confirm this? BTW how can they exploit such vulnerabilities if any?