Bugtraq mailing list archives
Re: Security Hole in Axent ESM
From: spaf () CS PURDUE EDU (Gene Spafford)
Date: Wed, 26 Aug 1998 21:21:46 -0500
Simple checksums can be spoofed trivially. CRCs are simple checksums. If
that is all they use, then they can be spoofed once the algorithm is known.
Note that Tripwire is now available as a supported commercial product. Here
is the file we put up on our ftp site about this:
In mid-December 1997, Tripwire Security Systems Inc. (formerly Visual
Computing Corp) acquired the license for our Tripwire change/intrusion
detection system. They will be marketing an enhanced, supported
version of Tripwire for Unix-based machines. The version 1.3 release
for Linux & Unix was made in early August 1998. The folks at Tripwire
Security Systems are also planning a Windows version of Tripwire for
release sometimes in mid-fall 1998.
Gene Kim, my former student and the original author of Tripwire, is
the VP of TSS, and is directing the Tripwire development. I may have a
technical advisory role in these efforts. Thus, there should be some
real continuity from the original Tripwire into these new and improved
versions.
Purdue and COAST made the decision to license Tripwire for development
so as to ensure that it would be kept up-to-date for newer systems,
and to provide for appropriate technical support. We also wanted to
see the code ported to other operating systems (Windows, in
particular). As Tripwire was no longer a supported research project
within the COAST Lab, this seemed to be the best way of achieving our
ultimate goals. Furthermore, any fees that Purdue will collect will
help to fund assistantships for other students working on security
solutions in the COAST Lab.
All future enquiries about Tripwire sales and technical support should
be directed to:
Tripwire Security Systems Inc.
615 SW Broadway
Portland, Oregon 97205
Phone: (503) 223-0280
FAX: (503) 223-0182
tripwire () tripwiresecurity com
http://www.tripwiresecurity.com
All technical support questions, bug reports, etc should now be sent
to the people at Tripwire Security Systems.
The unsupported and out-of-date 1.2 version of Tripwire continues to
be available from Purdue, in this directory. Be sure to read the
other two README files in this directory before downloading and using
this version of Tripwire.
Note that Tripwire is a registered trademark of the Purdue Research
Foundation, and it is also licensed to VCC. Tripwire Security Systems
Inc. is a trademark of Tripwire Security Systems Inc.
Current thread:
- Re: Webmail.bellsouth.net security problems Rude Yak (Aug 26)
- Security Hole in Axent ESM dcupp () SNAKEBITE COM (Aug 26)
- Re: Security Hole in Axent ESM Gene Spafford (Aug 26)
- Re: Webmail.bellsouth.net security problems Alan Cox (Aug 26)
- Security Hole in Axent ESM dcupp () SNAKEBITE COM (Aug 26)