• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Phishing attack

 
muntago Richard
Ranch Hand
Posts: 82
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
How do i protect a site against phishing attack. I know phishing occurs when trying to send
data using form action eg. action="buy.jsp". The attacker can remotely phish attack the form action to his own stealing.
Judging from this scenario, how can i protect it against phishing attack assuming the site is hosted on either Linux or Windows Servers

thanks

 
Jeanne Boyarsky
author & internet detective
Marshal
Posts: 34218
341
Eclipse IDE Java VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
That's not a phishing attack. It sounds like you are describing man in the middle. Which you protect against using https and by using post so data isn't in the URL.
 
Pat Farrell
Rancher
Posts: 4678
7
Linux Mac OS X VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Jeanne Boyarsky wrote:It sounds like you are describing man in the middle (MITM). Which you protect against using https and by using post so data isn't in the URL.


Sadly, on some smartphones, the phone vendors are explicitly doing a MITM attack, they claim it improves things. It clearly destroys any hope of security. See
http://www.coderanch.com/t/602568/Security/Nokia-admits-implementing-Man-Middle
 
Jeanne Boyarsky
author & internet detective
Marshal
Posts: 34218
341
Eclipse IDE Java VI Editor
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I can't believe they are doing that!
 
Almalyn caguioa
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Also me.. i can't believe they doing that..
 
Arun Giridhar
Ranch Hand
Posts: 181
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Pat Farrell wrote:
Sadly, on some smartphones, the phone vendors are explicitly doing a MITM attack, they claim it improves things. It clearly destroys any hope of security. See
http://www.coderanch.com/t/602568/Security/Nokia-admits-implementing-Man-Middle


WoW! .. Coooooool ... I Like IT . But why Nokia People need to disclose this evidence ?
 
Ulf Dittmer
Rancher
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Arun Giridhar wrote:WoW! .. Coooooool ... I Like IT . But why Nokia People need to disclose this evidence ?

Um, what? Nokia broke web security and privacy, and you think that's cool? You can bet they wouldn't have done so if it hadn't become public knowledge by some other means.
 
Arun Giridhar
Ranch Hand
Posts: 181
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ulf Dittmer wrote:
Um, what? Nokia broke web security and privacy, and you think that's cool?

Yes!
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic