Army caches hackers

The Regional Computer Emergency Response Team (RCERT) at Fort Huachuca has

installed seven World Wide Web caches for Army customers across the country,

according to Robert Kane, principal network security engineer for the team.

Kane sets up caches to defend the public Web sites of various commands against

being defaced by hackers.

"We've got it set up as a reverse proxy," Kane said. "All of the connections

come to the proxy instead of to the Web server, so most of the hacks that

are out there will be ineffective." RCERT's proxy uses a Network Appliance

NetCache 720 Web cache loaded with about 70G of disk space.

So far, no hackers have successfully defaced or otherwise breached any

of the sites protected by the cache servers, he said, although there have

been attempts. Protecting public Web sites from embarrassing alterations

may not be a matter of national security, but the Army may apply techniques

developed guarding those sites to more sensitive servers. "There is some

interest in doing this on classified networks," Kane said.

RCERT installed its first cache in November 1998, so the team is well-

acquainted with the technology. One shortcoming that Kane would like to

see addressed is the inability of caching servers to handle encrypted transactions.

"Caching technology has not caught up with Secure Socket Layer, so you cannot

do secure Web pages with a proxy," he said. "We would really like to have

the ability for the proxy to handle encrypted transactions."