Army caches hackers
- By Dan Carney
- May 08, 2000
The Regional Computer Emergency Response Team (RCERT) at Fort Huachuca has
installed seven World Wide Web caches for Army customers across the country,
according to Robert Kane, principal network security engineer for the team.
Kane sets up caches to defend the public Web sites of various commands against
being defaced by hackers.
"We've got it set up as a reverse proxy," Kane said. "All of the connections
come to the proxy instead of to the Web server, so most of the hacks that
are out there will be ineffective." RCERT's proxy uses a Network Appliance
NetCache 720 Web cache loaded with about 70G of disk space.
So far, no hackers have successfully defaced or otherwise breached any
of the sites protected by the cache servers, he said, although there have
been attempts. Protecting public Web sites from embarrassing alterations
may not be a matter of national security, but the Army may apply techniques
developed guarding those sites to more sensitive servers. "There is some
interest in doing this on classified networks," Kane said.
RCERT installed its first cache in November 1998, so the team is well-
acquainted with the technology. One shortcoming that Kane would like to
see addressed is the inability of caching servers to handle encrypted transactions.
"Caching technology has not caught up with Secure Socket Layer, so you cannot
do secure Web pages with a proxy," he said. "We would really like to have
the ability for the proxy to handle encrypted transactions."