Re: Digitally Signing files

From: Jay Ferron (Support_at_interactiveSecuritytraining.com)
Date: 05/19/04


Date: Wed, 19 May 2004 11:09:59 -0400

I would look at Tripwire as a possible solution, Tripwire make a snapshot of
the files, directories, and will notify you of any changes, additions,
deletions, move, or replacements. go to www.tripwire.com

-- 
Jay Ferron ADSI, CISM, CISSP, MCP, MCDBA, MCSE, MCT, NSA - IAM, TCI
"Andrew Banks" <anonymous@discussions.microsoft.com> wrote in message
news:DC8747A1-2FE0-4085-B42F-7F096CA95000@microsoft.com...
> We're looking to improve security on our webserver by checking each
website directory perdically for files that have not been digitally signed
by us.
>
> The decission to do this has come from someone above me but I need to go
back with the following:
>
> How can you digitally signs files?
> A website can potentially have thousands of files - can you batch sign all
of them before uploading to the server?
> Is this a practical approach or are their other methods we could employ to
make sure no files have been uploaded without being digitally signed?
>
> Thanks
>