APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

2004/11/08 Formmail

Probably "Matt's Formmail" though there are other scripts out there with the same name and purpose.

Most webmasters will tell you that their http logs are filled with records indicating attempts to execute /cgi-bin/FormMail.pl and Formail.cgi and all permutations of case. These are so-called "script-kiddies" trying to exploit weaknesses in this well known Perl script. I don't think too many sites run insecure versions of that any more, so these attempts probably deliver very little fruit, but the point is that these are people up to no good. An IDS system might immediately add their ip's to a blocked list just on general principle. There are many other less common, but still indicative, accesses. If I were using Formmail (I don't), I'd rename it. While security through obsccurity isn't much, it might just save you some trouble.

Got something to add? Send me email.

Increase ad revenue 50-250% with Ezoic

More Articles by

Find me on Google+

© Tony Lawrence

Kerio Connect Mailserver

Kerio Samepage

Kerio Control Firewall

Have you tried Searching this site?

Support Rates

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us

[This] reminds me of a quotation from somebody that, whenever he tried to explain the logical structure of a programming language to a programmer, it was like a cat trying to explain to a fish what it feels like to be wet. (Saul Gorn)

This post tagged: