Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1998_3

Bugtraq archives for 3rd quarter (Jul-Sep) 1998: Re: Security Hole in Axent ESM

Re: Security Hole in Axent ESM

Douglas G Conorich (conorichUS.IBM.COM)
Thu, 27 Aug 1998 16:25:41 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Julian Cowley: "Re: News DoS using sendsys"
Previous message: Douglas G Conorich: "Re: Security Hole in Axent ESM"
Maybe in reply to: dcuppSNAKEBITE.COM: "Security Hole in Axent ESM"
Next in thread: Steve Jackson: "Re: Security Hole in Axent ESM"

Just for grins, I talked to AXENT today and asked about the file check using
CRC's to see what they would tell me.  They told me that ever since ESM release
4.5 (May 1998), the product has offered a choice of either CRC or MD5
(cryptographic signature).  Intruder Alert's file watch capability also allows
a choice of CRC or MD5.

Douglas G. Conorich                                       IBM
Senior Internet Security Analyst                   P.O. Box 595
Internet Emergency Response Service   Clearfield, UT 84015 U.S.A.

Next message: Julian Cowley: "Re: News DoS using sendsys"
Previous message: Douglas G Conorich: "Re: Security Hole in Axent ESM"
Maybe in reply to: dcuppSNAKEBITE.COM: "Security Hole in Axent ESM"
Next in thread: Steve Jackson: "Re: Security Hole in Axent ESM"