Hello Few weeks ago we discovered that two of our apache servers has been victims of phishing attack. The first one is running squirrelmail webmail and the second one in running our extranet services for students and professors. Both of them are using https and require authentication. The two phising pages had the same look and feel than original servers of course ! The "traps" has been used to grab users's login and passwords as usual. The attack has been performed by "real" hackers that have been paid by some students to hack passwords of "interresting" people. maybe some hacked DNS or Internet routers has been compromised/used ? I would be VERY interrested by ANY documentation about that kind of phising techniques and HOW to fight them ( if possible ) also I would be interrested by any apache gurus advices ... Would it be possible to configure something in apache to track down that kind of problem ? any log analyzer that could help ? Thank you very much --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|