[nsp-sec] Web Server Attack
Joel Rosenblatt
joel at columbia.edu
Sat Jul 25 23:10:02 EDT 2009
Hi Scott,
We had the same problem a few weeks ago .. they installed a cialis store on one of our web servers, then use a botnet to do google searches and access the
store to drive it's position up in the google search ... the way to stop it is to remove the store and get the references out of google - just taking the pages
down didn't fix the problem, as the web searches for pages not found was also hurting us.
If your using Apache, take a look at mod_evasive - it helped.
Good luck!
Joel Rosenblatt
Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel
--On Saturday, July 25, 2009 9:39 PM -0500 Scott Fendley <scottf at uark.edu> wrote:
> ----------- nsp-security Confidential --------
>
Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel
More information about the nsp-security
mailing list