Skip navigation
Skip navigation
You are using an outdated browser. Please upgrade your browser.



TRIPWIRE SOFTWARE GUARDS AGAINST WEAKNESSES IN THE APACHE WEB SERVER SOFTWARE


Tripwire Integrity Alert: IA070102


The US internet security institute Cert recently issued a warning of a serious vulnerability within the open source Apache web server software. According to their findings, depending on the version of Apache they are running, a large proportion of the world’s websites could be at risk from attack. Versions 1.3 to 1.3.24 and 2.0 to 2.0.36 of the Apache web server software are flawed with a security hole that could allow hackers to run arbitrary code or launch a Denial of Service (DoS) attack on both Windows and UNIX systems.


Whilst the full extent of this problem is yet to be revealed, Tripwire, international data integrity solutions provider, has announced that its software solutions are equipped to combat such attacks.


Tripwire for Servers is a software package that is designed to detect changes to server data, whether from outside the organisation or from within. This data integrity solution for servers is able to rapidly recognise changes made by attackers executing arbitrary code. Having identified any harmful events, Tripwire for Servers is then able to carry out an automated restoration using its new ICE feature, verifying data and file integrity against a known good source. The ability of Tripwire for Servers to mitigate new and unknown threats makes it a valuable edition for key servers within the organisation.


In addition, Tripwire for Web Pages (Apache edition) is able to automatically restore web pages modified by an attack, preventing hacked content ever being displayed to the public, whilst providing network administrators with an immediate alert.


Ian Tickle, Channel Manager for Tripwire UK commented; “This latest scare has left a great deal of companies feeling vulnerable and unprotected. Solutions such as Tripwire for Servers and Tripwire for Web Pages provide valuable peace of mind whilst Cert continues to ascertain exactly who will be affected. The implementation of such measures, which are especially powerful when combined on the same system, will allow companies to pass on assurances to their customers, partners and suppliers, that their data will remain uncompromised.”


Tripwire Interviews


Tripwire security experts are available to comment on the nature of this attack. Interested media should contact Alex Murphy at +44 (0)1494 434 434 or alexm@strategicpr.net


About Tripwire Inc.


Tripwire Inc. is the Data Integrity Assurance Company. Tripwire software assures the integrity of data by establishing a baseline of data in its desired state, detecting and reporting any changes to the baseline, and ensuring rapid discovery and remediation when undesired change occurs. Tripwire is highly recommended as a Best Practice by many security advisory groups and is featured in the NSA's "60 Minute Security Guide." Tripwire customers include Global 3000 companies, e-business corporations and key public sector organisations such as Intuit, AT&T, Ernst & Young and the U.S. House of Representatives. Tripwire is headquartered in Portland, Ore., with offices in Japan, UK, France and Germany, and users in 92 countries around the world.


For more information about Tripwire, please visit the company Web site at http://www.tripwire.com


This press release was distributed by ResponseSource Press Release Wire on behalf of Strategic Public Relations Ltd in the following categories: Consumer Technology, Personal Finance, Business & Finance, Computing & Telecoms, for more information visit https://pressreleasewire.responsesource.com/about.