Snort mailing list archives

Re: html post question

From: Matt Kettler <mkettler () evi-inc com>
Date: Tue, 09 Dec 2003 14:20:43 -0500

At 09:20 AM 12/9/2003, Rich Adamson wrote:

We're seeing a number of hosts posting spam via this
request2.cgi perl script on RH9 with Apache. Two questions:
1. is this becoming a fairly common spamming method?

I've never seen this particular CGI before, but spam relaying via brokenCGI scripts has been popular among spammers for a VERY long time...FormMail.pl has been a long time favorite, but the use of other CGI'sdoesn't surprise me.

Abusing insecure proxies (socks or HTTP) is also popular trick forspammers, as is installing trojan horses and/or backdoors, much like isdone for DDoS attacks.







-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills.  Sign up for IBM's
Free Linux Tutorials.  Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
_______________________________________________
Snort-users mailing list
Snort-users () lists sourceforge net
Go to this URL to change user options or unsubscribe:
https://lists.sourceforge.net/lists/listinfo/snort-users
Snort-users list archive:
http://www.geocrawler.com/redir-sf.php3?list=snort-users

Current thread:

html post question Rich Adamson (Dec 09)
- Re: html post question Matt Kettler (Dec 09)