On 13 juil. 2011, at 07:23, Ashwin Kesavan wrote:
And make sure it is not a case access to your server having httpd is
compromised ? look though the apache httpd conf files and its included files
and look for the parameter redirect . or some url rewite rule through
mod_rewrite rules.
On 07/13/2011 09:23 AM, Patrick Proniewski wrote:
On 13 juil. 2011, at 07:23, Ashwin Kesavan wrote:
And make sure it is not a case access to your server having httpd is
compromised ? look though the apache httpd conf files and its included files
and look for the parameter redirect . or
Answers inline
-Original Message-
From: Patrick Proniewski [mailto:patrick.proniew...@univ-lyon2.fr]
Sent: Wednesday, July 13, 2011 12:54 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] Re: phishing problem
On 13 juil. 2011, at 07:23, Ashwin Kesavan wrote:
And make sure
On 13 juil. 2011, at 12:18, Ashwin Kesavan wrote:
There are huge befits of doing this if I were a hacker. First I don't invoke
the suspicion of the admin. B'cos I am making minimal changes to config
server, so that I delay his notice. Then by diverting to my website I have
the huge
On 07/13/2011 12:53 PM, Patrick Proniewski wrote:
On 13 juil. 2011, at 12:18, Ashwin Kesavan wrote:
There are huge befits of doing this if I were a hacker. First I don't invoke
the suspicion of the admin. B'cos I am making minimal changes to config server,
so that I delay his notice. Then by
Translation:
As I say above, your servers can not be victims of a phishing attack. A
phishing attack is a breach of confidence (or stupidity), and it is
therefore directly at the user level.
The only way to fight against phishing is to educate users. You can
always offer services in https, if
I have provided a translation. See my message. I agree he should have
continued in the language of this newsgroup.
Sander Temme wrote:
On Jul 12, 2011, at 1:37 AM, Patrick Proniewski wrote:
Hi,
Apache servers are not victims of phishing attacks.
Users are victims of phishing attacks.
I think effectivelly users's requests have been redirected
to the hacked servers ...
I wonder how they do that because users access directly to
those servers ... they do not click in a fake email or anything
like that , those servers are well known of our users ,
the extranet and one webmail
On 12 juil. 2011, at 21:40, Frank Bonnet wrote:
I think effectivelly users's requests have been redirected
to the hacked servers ...
so it's not a phishing, it's more like a man-in-the-middle, or a DNS cache
poisoning...
The only way for you to know what happens is to act as victims do (doing
Frank Bonnet wrote:
I think effectivelly users's requests have been redirected
to the hacked servers ...
I wonder how they do that because users access directly to
those servers ... they do not click in a fake email or anything
like that , those servers are well known of our users ,
the
Answers inline
-Original Message-
From: Patrick Proniewski [mailto:patrick.proniew...@univ-lyon2.fr]
Sent: Wednesday, July 13, 2011 2:34 AM
To: users@httpd.apache.org
Subject: Re: [users@httpd] Re: phishing problem
On 12 juil. 2011, at 21:40, Frank Bonnet wrote:
I think effectivelly
Am 12.07.2011 21:40, schrieb Frank Bonnet:
I think effectivelly users's requests have been redirected
to the hacked servers ...
Checked the access logs? If it's another server issuing the requests
you could notice by the the request IP addresses. Otherwise, use
only a HTTPS login - don't offer
12 matches
Mail list logo