[nSLUG] RE: [OT] What's WebGuard.Cab?
dgmacd at eastlink.ca
Tue Jan 24 00:23:09 AST 2006
When I googled it, I came up with this
Seems like it is some kind of firewall for servers to prevent hackers
from changing info on a server and if it does happen, it uses a cache
server to give the correct page instead of a broken page.
Not sure why it would be probing out though ...
Date: Mon, 23 Jan 2006 04:41:41 -0400
From: mspencer at tallships.ca (Mike Spencer)
Subject: [NSLUG] [OT] What's WebGuard.Cab?
To: nslug at nslug.ns.ca
Message-ID: <200601230841.k0N8ffX12086 at bogus.nodomain.nowhere>
I keep getting these port 80 probes -- several per hour -- from a
couple of Eastlink machines. If, in turn, I probe to see what those
hosts are offering on port 80, I get some HTML with an
After grovelling through Google, I'm no wiser. My curiosity is
aroused: If this is a defensive security thing, why are these machines
probing me? If it's some kind of malware, how come I can't google
anything that reports it as such?
For anyone with a frivolous inclination to respond to this OT query,
a specimen request and response is included infra.
More information about the nSLUG