Web Security

So, looking through my logs I keep seeing people probing for this one cgi script called formmail.pl. What's great about these probes is that they give me all their information.:

64.108.203.174 - - [04/Jun/2002:15:16:24 -0400] "GET /cgi-bin/formmail.pl?email=lafam&subject=www%2Eezoons%2Ecom%2Fcgi%2Dbin

%2Fformmail%2Epl&recipient=isyndr0i%40aol%2Ecom&msg=Formmail_Found! HTTP/1.1Content-Type: application/x-www-form-urlencoded" 404 2050 "-" "Gozilla/4.0 (compatible; MSIE 5.5; windows 2000)"

So, if I really wanted I could send them back some email. I was wondering if this constitutes 'abuse', because I could then email their isp (in this case AOL). Either that or I could start signing them up for lots of mailing lists or for lots of spam.

Pages

Powered by Movable Type 8.0.2

About this Entry

This page contains a single entry by Gregory published on June 5, 2002 12:31 PM.

QOTD was the previous entry in this blog.

A Snapshot of Music is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.