Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- New Crawler looking for exploits?
December 7, 2005, 5:11 pm
rate this thread
I recently ran across a few entries in some of our log files that
seemed rather odd. Each of the requests were from a user agent
'WebVulnScan/1.0 libwww-perl/5.803' from IP Address 188.8.131.52.
I've tried searching for any info on this one, but to no avail. My
major concern is that all the requests from this user agent start with
reading the robots.txt file and then disobey the directives in there,
only accessing the files and directories explicitly disallowed in the
robots.txt file. They don't crawl any other pages.
Anyone got any ideas as to who or what this is?
I can only assume that it is a crawler looking for known exploits to
take advantage of.