> >     I have a client who wants to do a project that involves having
> > users upload some extremely sensitive data via the web.  They are

>      There's still a window of vulnerability, since the web server
> itself could be subverted and the program that ordinarily takes the
> information could be replaced by one that mailed it off to somewhere.

>      Tripwire is a security program from the COAST project (I don't
> know if there are any commercial versions available, but the source is
> available from the COAST ftp archive).  You run Tripwire against the
> files in your system to produce something like a checksum.  A checksum
> is a unique number derived from the data in a file; checksums are
> normally used to be sure that a chunk of data survived transmission
> intact.  Checksums, however, can be faked - a checksum doesn't
> guarantee that the data in two files is identical, but it's extremely
> unlikely that two different sets of data would produce the same
> checksum number.

     Having been hacked...

     What I have is a SCSI drive that has the read-only jumper set. (Many
SCSI drives have a Read-Only jumper.)  On that drive resides all the /usr
and related files, as well as reference copies of /bin, /sbin, /etc, /lib,
and some other files.  The diff utility, which resides in the read-only
/usr hierarchy, is run several times a day to verify exposed utilities on
a byte-by-byte basis.  The only person who can subvert that is someone
with physical access to the computer.  And I do run some of those checks
manually.

    On my notebook, I came up with a trick to render the root directory
hierarchy read-only.  Although it can be subverted, whenever that machine
is on the net, the root and usr directories are repeatedly checked for
write permissions.  If any of those becomes writable, all network and
modem links are terminated.

>      Security isn't about not allowing access to things, it's about
> allowing controlled access.  Otherwise, the best firewall in the world
> would be a brick.  If you manage to find an ISP and convince them to
> take these elaborate precautions for you, they're not about to turn

     Very true.  And the detection of a security breach is even more
important than preventing it, so as to limit damages.  The real problem
with the theft of sensitive data is that it may be a long time before the
theft is detected.  Concordski, the Soviet version of the Concorde
supersonic transport, comes to mind.
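The two checks discussed in this thread, the Tripwire-style digest comparison from the quoted post and the read-only reference tree plus write-permission watch from the reply, as one added example that is not code from the thread, from Tripwire or from the COAST project. It assumes Python 3 on a Unix-like host; the file names, contents and the `on_violation` callback (which stands in for the "terminate all network and modem links" response) are constructed for the demonstration, and a SHA-256 digest is used in place of the checksum the quoted post describes, since a strong hash removes the "checksums can be faked" caveat.

```python
"""Integrity baseline and read-only-tree check (added example, not the thread's code).

Builds a baseline of content digests and permission bits for a tree,
re-verifies it later, and separately flags directories that have become
group- or world-writable. All paths and contents are constructed here.
"""
import hashlib
import os
import stat
import tempfile
from pathlib import Path

CHUNK = 64 * 1024


def file_digest(path, algo="sha256"):
    """Hash a file in chunks; SHA-256 stands in for the post's checksum."""
    h = hashlib.new(algo)
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(CHUNK), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(root):
    """Record digest, permission bits and size for every regular file under root."""
    root = Path(root)
    baseline = {}
    for p in sorted(root.rglob("*")):
        if p.is_symlink() or not p.is_file():
            continue  # links are not hashed; their targets are, if inside root
        st = p.stat()
        baseline[str(p.relative_to(root))] = {
            "digest": file_digest(p),
            "mode": stat.S_IMODE(st.st_mode),
            "size": st.st_size,
        }
    return baseline


def verify(root, baseline):
    """Compare the live tree against the baseline; this is the role diff plays
    against the read-only reference copies in the reply."""
    current = build_baseline(root)
    report = {"modified": [], "added": [], "removed": []}
    for rel, rec in baseline.items():
        cur = current.get(rel)
        if cur is None:
            report["removed"].append(rel)
        elif cur["digest"] != rec["digest"] or cur["mode"] != rec["mode"]:
            report["modified"].append(rel)  # content or permission bits changed
    report["added"] = [rel for rel in current if rel not in baseline]
    return report


def writable_by_others(path):
    """True if the group or world write bit is set. Mode bits are used rather
    than os.access(), which answers 'yes' to everything when run as root."""
    mode = stat.S_IMODE(os.lstat(path).st_mode)
    return bool(mode & (stat.S_IWGRP | stat.S_IWOTH))


def check_read_only_trees(dirs, on_violation):
    """Return the directories that became writable; call on_violation once if
    any did (the reply's response is to drop network and modem links)."""
    bad = [Path(d) for d in dirs if writable_by_others(d)]
    if bad:
        on_violation(bad)
    return bad


def demo():
    """Constructed scenario: baseline a small tree, tamper with it, verify."""
    events = []
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "bin").mkdir()
        (root / "bin" / "ls").write_bytes(b"#!/bin/sh\nexec /usr/bin/ls \"$@\"\n")
        (root / "etc").mkdir()
        (root / "etc" / "passwd").write_bytes(b"root:x:0:0::/root:/bin/sh\n")
        os.chmod(root / "bin", 0o755)
        baseline = build_baseline(root)

        # Tampering: replace a utility, drop in a new file, open a tree for writing.
        (root / "bin" / "ls").write_bytes(b"#!/bin/sh\n# replaced contents\n")
        (root / "bin" / "cp").write_bytes(b"new file\n")
        os.chmod(root / "bin", 0o777)

        report = verify(root, baseline)
        bad = check_read_only_trees(
            [root / "bin", root / "etc"],
            lambda dirs: events.append(("drop-links", len(dirs))),
        )
        return report, [str(d.relative_to(root)) for d in bad], events


if __name__ == "__main__":
    print(demo())
```

The baseline itself must live somewhere the attacker cannot rewrite (the read-only SCSI drive in the reply is exactly that), otherwise a subverted host can regenerate it to match the tampered files; the same goes for the copy of the checker that is run.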
