Let me address a couple of items pointed out in prior email concerning the ESM (Enterprise Security Manager) product from AXENT Technologies. For those of you that may not be fully informed about the AXENT product line, ESM is a security assessment tool that allows customers to assess their current network-wide security readiness. This tool allows a security administrator/auditor to evaluate where the potential security holes are in their environment across multiple platforms within their enterprise. All of this data can then be rolled into a single enterprise report automatically. Now with that base information... the details about the issues: The CRC check is used in conjunction with other checks by ESM to determine when a customers file has changed. The usage of CRC as a method of checking for file change while not the most robust method does not constitute a hole in ESM as there is no way the use of this method would allow someone to gain access to ESM. We at AXENT agree that CRC checks are not as secure as our customer base would desire. Thus, we have added the MD5 (128 bit) check to ESM. This shipped in the ESM 4.5 product in March of 1998. Now our customers can choose to run either CRC or MD5 according to their needs. I want to respond to comments regarding the use of XOR within ESM 4.4 as a method of hiding communications between servers and remote clients. I would like you to know that the method employed is not just XOR logic, but XOR combined with standard 40 bit data hiding technology. We at AXENT recognized that this methodology was not as secure as desired. We have enhanced the communications security between servers and clients to utilize a Diffie-Helman key for the session, combined with encrypting every packet across the wire using DESX encryption. This has been available since ESM 4.5 shipped in March of 1998. In addition to this, communications handshaking occurs at the initiation of every communication sequence between client and server. Steve Jackson AXENT Technologies
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:14:00 PDT