httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Frank Bonnet <f.bon...@esiee.fr>
Subject [users@httpd] phishing problem
Date Tue, 12 Jul 2011 08:20:41 GMT
Hello

Few weeks ago we discovered that two of our apache servers
has been victims of phishing attack.

The first one is running squirrelmail webmail and the second one
in running our extranet services for students and professors.

Both of them are using https and require authentication.

The two phising pages had the same look and feel than original servers
of course !

The "traps" has been used to grab users's login and passwords as usual.

The attack has been performed by "real" hackers that have been paid
by some students to hack passwords of "interresting" people.
maybe some hacked DNS or Internet routers has been compromised/used ?

I would be VERY interrested by ANY documentation about that kind
of phising techniques and HOW to fight them ( if possible ) also
I would be interrested by any apache gurus advices ...
Would it be possible to configure something in apache to track down
that kind of problem ? any log analyzer that could help ?

Thank you very much


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message