APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

2004/11/08 Formmail

Probably "Matt's Formmail" though there are other scripts out there with the same name and purpose.

Most webmasters will tell you that their http logs are filled with records indicating attempts to execute /cgi-bin/FormMail.pl and Formail.cgi and all permutations of case. These are so-called "script-kiddies" trying to exploit weaknesses in this well known Perl script. I don't think too many sites run insecure versions of that any more, so these attempts probably deliver very little fruit, but the point is that these are people up to no good. An IDS system might immediately add their ip's to a blocked list just on general principle. There are many other less common, but still indicative, accesses. If I were using Formmail (I don't), I'd rename it. While security through obsccurity isn't much, it might just save you some trouble.

Got something to add? Send me email.

Increase ad revenue 50-250% with Ezoic

More Articles by

Find me on Google+

© Tony Lawrence

Kerio Connect Mailserver

Kerio Samepage

Kerio Control Firewall

Have you tried Searching this site?

Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us

A refund for defective software might be nice, except it would bankrupt the entire software industry in the first year. (Andrew S. Tanenbaum)

This post tagged: