Greetings Charles Hedrick,
I am a contributor and user of the Apache mod_ssl mailing list. It is a
fairly technical list which provides a forum for questions and support
surrounding the use of mod_ssl with the Apache webserver to provide
Secure Socket Layer encryption on web-sites. Nothing very exciting ever
happens on the list - until last week.
Then we were inundated with hysterical mails from a certain Adrienne
DeAngelis using an e-mail account from your server
([EMAIL PROTECTED]). Here is a copy of one of his earlier postings:
"I have no connection with Apache whateveritis. I OWN THE DOMAIN NAME
: ahresources.org. YOU HAVE APPARENTLY PLACED A LINK FROM THIS TO YOUR
SITE. PLEASE TAKE THIS DOWN IMMEDIATELY. YOU ARE DISRUPTING MY USE OF
MY SITE. Please no excuses and no refusals."
It took a while before one of our users realised what was going on:
apparently DeAngelis had reserved the URL https://www.ahresources.org
(NB https - secure site) and had instructed his ISP to set it up.
However, either he did not upload any content to the site or the ISP did
not configure the DocumentRoot correctly. Anyway, Apache innocently did
what it always does when it has been freshly installed and doesn't have
any content - it served the default page. This is a local file which
comes with the Apache distribution and since this was a secure server
(on port 443), the default page contains banner links to OpenSSL,
mod_ssl and Apache.
Now, DeAngelis, apparently not being too technical, did not realise that
this was an entirely default behaviour and quite internal to his ISP.
However, he was very paranoid and so assumed that the mod_ssl community
had "taken over" his website. Of course, all he needed to do was load a
file to the DocumentRoot and the offending page would have disappeared.
But that would have been too simple...
Instead we then were submerged by spam (you can check them out at:
http://www.modssl.org/support/bugdb/index.cgi/open?id=466;page=32;user=guest).
The volume was such that this amounted to a denial-of-service attack.
To cap it all, the guy is now sending threatening e-mails to various
users on our list who tried to reason with him last week. For example:
"The above person (name suppressed) has been sending obscene and
insulting mail to me. Please request that he cease this activity and
that he withdraw his postings from any online archives. He is a member
of a group of people who illegally posted advertising on my Web site.
Complaints are being made to the appropriate law-enforcement
authorities.
A. DeAngelis"
It is tempting to ask you to use your mighty sysadmin powers to wreak
havoc on this "Clueless Moron" (as he has come to be known on our list)
since he has clearly violated your University's acceptable use policy
(which I just read on your web-site). However, I think the guy is simply
misguided and genuinely didn't know what was happening. So perhaps you
could locate him and explain the situation to him - you could point out
that if he were to post an apology to our list, we might see the funny
side of it.
Best regards,
Owen Boyle.
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]