PR: Tripwire allows organizations to fight back against growing number of website attacks

by Jeremy Reed

Tailored for the Apache Web server platform -- the most widely used Web server platform in the world -- this new product immediately detects unauthorized modifications to Web site content, prevents the delivery of modified pages, and instantly alerts the system administrator.

To help alleviate loss of perception and the potential of negative market value impact associated with Web site attacks, Tripwire Inc., the leading provider of data and network integrity (DNI) software, today announced Tripwire(R) for Web Pages.

Tailored for the Apache Web server platform -- the most widely used Web server platform in the world -- this new product immediately detects unauthorized modifications to Web site content, prevents the delivery of modified pages, and instantly alerts the system administrator. According to TruSecure, a computer security consulting firm based in Reston, Virginia, 42 Web sites are successfully hacked each day, up 55 percent in the last year.

"In light of recent Web site attacks such as Associated Press, NASA and The New York Times, coupled with the advanced skills of today's hackers, there is an immediate need for a real-time defense mechanism to assure the integrity of Web pages and Web page content," said W. Wyatt Starnes, CEO and president of Tripwire. "Tripwire's main focus is to deliver technology solutions that assure the integrity of critical IT infrastructures. Tripwire for Web Pages is a natural extension of our existing product portfolio because it focuses on solving high-impact, high-outage problems within an enterprise."

"Given the increasing importance of a company's Web site -- whether informational-, marketing- or eCommerce-based -- the need to have 100 percent faith in its integrity is essential," said Robert Lonadier, director of security strategies, The Hurwitz Group.

How Tripwire for Web Pages Works

Tripwire for Web Pages, the first product to originate from Tripwire and Covalent's strategic alliance announced in January 2001, delivers enhanced integrity solutions by assuring the integrity of Web page content. It extends Tripwire's core DNI offerings from monitoring the file system of the Web server to the real-time monitoring of dynamic Web pages being presented by the server. Tripwire for Web Pages does this by detecting unauthorized modifications to Web server content, instantly alerting the system administrator, and redirecting Web site viewers to a user-defined temporary Web page until authorized content is restored. This real-time DNI solution enables IT managers and Web developers to help the company avoid public embarrassment, negative brand impact, and the potential loss of market value frequently caused by malicious Web server attacks.

Tripwire for Web Pages determines if a Web page has been altered by comparing the date and the digital signature of the current Web page to that of the "known good" authorized file securely saved in the database. This "integrity check" is instantly performed each time a browser requests a Web page from the Web server. If the file dates and/or signatures do not match precisely, Tripwire for Web Pages halts the file from being served, sends a custom notification/replacement page to the browser, logs the event, and sends a custom e-mail to alert the system administrator of the change and provide steps to restore the authorized content.

When used in conjunction with the company's flagship product, Tripwire for Servers, Tripwire for Web Pages provides customers with an unparalleled level of assurance that the integrity of the entire Web infrastructure is being maintained. Tripwire for Servers assures Web server integrity by creating a baseline snapshot of the Web server file system and system registry, comparing the most current file(s) run against a "known good" baseline and alerting the network/system administrator if there are any differences. Using both Tripwire products together, an IT manager is able to unequivocally ensure the integrity of the entire Web infrastructure.

Tripwire for Web Pages Features

Instant detection -- monitors all Web pages leaving the Web site in real-time and alerts the system administrator of any modifications to a Web page.
  • Custom notification -- if a Web page is modified, the software logs the event in a file, pipe, socket, CGI script, syslog, and/or SNMP, and notifies the system administrator immediately, allowing immediate remedy to the problem.
  • Notification page -- full control of notification/substitute page that is displayed when a modified Web page is detected.
  • Virtual hosts -- full support for multiple virtual hosts, with their own service and security features.
  • Apache Web Server -- comes with a free and fully configured Apache Web Server that is tuned to receive the Tripwire for Web Pages product.
  • Easy installation module -- that simply plugs into an existing Apache installation or is installed with the included Apache Web Server.
  • Language support -- includes language support for Perl and PHP.
  • Cross-platform capabilities -- currently ported to a wide range of UNIX platforms and supports Apache 1.3.12, Sun Solaris 2.6, 7.x (2.7), 8.x (2.8) - SPARC, Sun Solaris 7.x, 8.x - x86, IBM AIX 4.3.3, HP-UX 11.0, Red Hat x86 (GLibC 2.0+), Caldera Linux x86 (GLibC 2.0+), SuSE Linux x86 (GLibC 2.0+), TurboLinux x86 (GLibC 2.0+), Mandrake Linux x86 (GLibC 2.0+), Debian 2.1 x86 (GLibC 2.0+)BSDI BSD/OS 4.x, Free BSD 3.x, 4.x, 5.x - x86, Open BSD 2.x - x86.
  • Installation package -- choice of text-based or graphical installation package. Tripwire for Web Pages is available immediately. Introductory price is ,095 in North America.

  • This article was originally published on Monday Apr 2nd 2001
    Mobile Site | Full Site