Firewalls: Re: Comments on a hacked server/page

Firewalls
(September 1995)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Comments on a hacked server/page
From:	Tony Weasler <tweasler @ vt . edu>
Date:	Mon, 18 Sep 1995 14:15:36 +0600
To:	Quentin Fennessy <fennessq @ thecount . eng . sematech . org>
Cc:	webserver-nt @ DELTA . PROCESS . COM, firewalls @ greatcircle . com

-----BEGIN PGP SIGNED MESSAGE-----

There is a thread in the alt.security.pgp newsgroup that is discussing the same concept.  It would be more secure to use PGP (which uses MD5, RSA, and Idea) to digitally sign each of your pages so that anyone can test the validity of your work.  These signatures are nearly impossible to foil (assuming you use a reasonably large key size, >1024 bits) and can be varified by anyone who has your public key.  For commercial use, it costs about $100 and it's free for individual or nonprofit use.  Details can be found in my web pages: http://www.vt.edu:10021/A/aweasler/pgp_info.html

Regards,
Tony Weasler

<------------------------------------------------------->
At 08:01 AM 9/18/95 -0500, Quentin Fennessy wrote:
>Rich-
>	re:: How can you protect yourself from "altered" information?  
>
>	I suggest cloning Tripwire technology onto your NT system.
>At the very least you could compile md5 and run that regularly against
>your data files.
>
>	If NT has a cron-equivalent you could run an md5 executable
>from a read-only floppy, comparing data files with their checksums
>on the same read-only floppy.
>
>	Would you share more details on the hole in the CERN server?
>	
>Quentin Fennessy

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMF1+mNf/gejrnTapAQGkagP8CSHzdd4iglf8U0JS4WcuxOzW88bb2YfQ
dH6HVr1vB7MoCdGfSba3XVeokKryEpvYP+sH4P+ckEUoukYB7dudiTkM0XBs3gli
ch140/DiyMrwgk0QyzJXR+NSEQ+ENaiGgY1AqnrQTBEeYmScp5sHKDgBj8ofX+CC
pOH/UY52bmM=
=TtvF
-----END PGP SIGNATURE-----

--------------------------------------------------------------------------
Desire only that the |   tweasler @
 vt .
 edu    | Tony Weasler
truth prevail. Be    | __    ______________ | Virginia Tech
willing to change    | \ \  / ___   ______/ | 
your mind instantly  |  \ \/ /   / /        | AN EXPERT: 
should the facts of  |   \  /   / /         | "Anyone fifty miles
a matter prove you   |    \/   /_/          |  from home."
to be mistaken.      |    GO HOKIES!!!      |  -- Alan Abelson
      -JDW           |                      |
==========================================================================
          PGPrint 7F D5 03 E8 16 43 6A 5E ED A4 07 4B 42 3E FE 7E

www: http://www.vt.edu:10021/A/aweasler/

Indexed By Date	Previous:	Re: Comments on a hacked server/page From: Roger Marquis <marquis @ roble . com>
Indexed By Date	Next:	Re: Horrible thought wrt. the Word virus From: long-morrow @ CS . YALE . EDU
Indexed By Thread	Previous:	Re: Comments on a hacked server/page From: Roger Marquis <marquis @ roble . com>
Indexed By Thread	Next:	Re: Comments on a hacked server/page From: James_Dehnert @ optilink . optilink . dsccc . com