Re: Security Hole in Axent ESM

From: Gene Spafford (spafat_private)
Date: Wed Aug 26 1998 - 19:21:46 PDT

Next message: Dr. Mudge: "Re: Security Hole in Axent ESM"

Previous message: dcuppat_private: "Security Hole in Axent ESM"
Maybe in reply to: dcuppat_private: "Security Hole in Axent ESM"
Next in thread: Dr. Mudge: "Re: Security Hole in Axent ESM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Simple checksums can be spoofed trivially.  CRCs are simple checksums.  If
that is all they use, then they can be spoofed once the algorithm is known.

Note that Tripwire is now available as a supported commercial product.  Here
is the file we put up on our ftp site about this:

In mid-December 1997, Tripwire Security Systems Inc. (formerly Visual
Computing Corp) acquired the license for our Tripwire change/intrusion
detection system.  They will be marketing an enhanced, supported
version of Tripwire for Unix-based machines.  The version 1.3 release
for Linux & Unix was made in early August 1998.  The folks at Tripwire
Security Systems are also planning a Windows version of Tripwire for
release sometimes in mid-fall 1998.

Gene Kim, my former student and the original author of Tripwire, is
the VP of TSS, and is directing the Tripwire development. I may have a
technical advisory role in these efforts.  Thus, there should be some
real continuity from the original Tripwire into these new and improved
versions.

Purdue and COAST made the decision to license Tripwire for development
so as to ensure that it would be kept up-to-date for newer systems,
and to provide for appropriate technical support.  We also wanted to
see the code ported to other operating systems (Windows, in
particular).  As Tripwire was no longer a supported research project
within the COAST Lab, this seemed to be the best way of achieving our
ultimate goals.  Furthermore, any fees that Purdue will collect will
help to fund assistantships for other students working on security
solutions in the COAST Lab.

All future enquiries about Tripwire sales and technical support should
be directed to:
    Tripwire Security Systems Inc.
    615 SW Broadway
    Portland, Oregon 97205
    Phone: (503) 223-0280
    FAX: (503) 223-0182
    tripwireat_private
    http://www.tripwiresecurity.com

All technical support questions, bug reports, etc should now be sent
to the people at Tripwire Security Systems.


The unsupported and out-of-date 1.2 version of Tripwire continues to
be available from Purdue, in this directory.  Be sure to read the
other two README files in this directory before downloading and using
this version of Tripwire.


Note that Tripwire is a registered trademark of the Purdue Research
Foundation, and it is also licensed to VCC.  Tripwire Security Systems
Inc. is a trademark of Tripwire Security Systems Inc.

Next message: Dr. Mudge: "Re: Security Hole in Axent ESM"
Previous message: dcuppat_private: "Security Hole in Axent ESM"
Maybe in reply to: dcuppat_private: "Security Hole in Axent ESM"
Next in thread: Dr. Mudge: "Re: Security Hole in Axent ESM"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:13:41 PDT