1998-06-16 00:00:00
How Secure is Your E-commerce?
Red Hat's new Secure Web Server plus a peek at Linux 5.1
Posted by : Maggie Biggs
A mobile employee needs to access the company intranet database for the latest sales figures. A regular supplier needs to send you confidential information. How can you be sure you're dealing with the right people? And how can you keep your communications with them truly secure? The answer is adding Secure Sockets Layer (SSL) and digital certificates to your Web server.

Of course, if you run your server with Windows NT or similar products from Netscape or Lotus, you already have support for SSL and digital certificates. But Linux users haven't been quite so blessed, until now. Although the free Apache Web server offers a robust SSL implementation, it doesn't support digital certificates. Red Hat's new Secure Web Server finishes the job by pulling Apache-SSL and digital certificate support into one neat package.

Now, would I run a heavy-duty commerce site with Red Hat Secure Web Server? Probably not. But it's a good solution (and NT's equal) for extranets (where you exchange sensitive information with another company) and intranets used by remote employees.

Meet SSL

You use the TCP/IP protocol to communicate across the Internet and the HTTP protocol to browse your favorite Web site. When you implement SSL on your Web server, it's sandwiched between TCP/IP and the application protocols that run over it, such as HTTP and FTP. SSL provides data encryption, server authentication, message integrity, and optional client authentication during the session.

SSL does all of this more or less transparently. Let's say an authorized customer wants to access your secure SSL commerce Web server connected to your intranet. Before the customer even taps in her Visa card number, her browser sends your commerce server a connection request and a public key that uniquely identifies the customer. The server sends back an encrypted response that includes connection information and the server's public key. The browser responds with an encrypted message requesting a private session key. When the customer finally buys a product and supplies her credit card number, the information and private key are encrypted and sent to the server. Not only is the credit card number secure, but the server can truly authenticate the customer's identity. This swapping of encrypted information and keys continues for the duration of the online ordering session.

The Certificate Angle

What Red Hat's $99 Secure Web Server adds to the Apache-SSL mix is support for digital certificates. It lets visitors confirm the identity of the organization running the Web server.

On the server side, your Webmaster must create a random encryption key and place it in a certificate request file. (Red Hat's Secure Web Server does that with two keystrokes.) The certificate request and documents verifying your company's existence (such as a copy of your business license) are then sent to a certificate authority. The certificate authority is a third party that verifies your company's claims and supplies you with a digital certificate that can be placed on your Web server.
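The server-side step described above, sketched with the `openssl` command-line tool as an added example (it is not from the original article and is not Red Hat's own utility). It generates the key and the certificate request, then checks that the request is signed by that key and carries only the public half of the key pair; the subject fields, host name and file names are constructed placeholders.

```shell
#!/bin/sh
# Added example. Subject fields and file names are constructed placeholders.

make_csr() (
    # $1 = output directory, $2 = host name to put in the request
    umask 077    # key file is created readable by its owner only
    openssl genrsa -out "$1/server.key" 2048 2>/dev/null || exit 1
    openssl req -new -key "$1/server.key" \
        -subj "/C=US/O=Example Company/CN=$2" \
        -out "$1/server.csr" 2>/dev/null
)

csr_self_signature_ok() {
    # The request is signed with the private key. The exit status of -verify
    # differs between OpenSSL versions, so match the message instead.
    openssl req -in "$1" -noout -verify 2>&1 | grep -q "verify OK"
}

csr_matches_key() {
    # $1 = request, $2 = private key: compare the public key derived from each
    from_csr=$(openssl req -in "$1" -noout -pubkey 2>/dev/null)
    from_key=$(openssl pkey -in "$2" -pubout 2>/dev/null)
    [ -n "$from_csr" ] && [ "$from_csr" = "$from_key" ]
}

# Demo: only server.csr is sent to the certificate authority
workdir=$(mktemp -d)
make_csr "$workdir" www.example.com &&
csr_self_signature_ok "$workdir/server.csr" &&
csr_matches_key "$workdir/server.csr" "$workdir/server.key" &&
echo "Request ready: $workdir/server.csr (server.key stays on the server)"
```

Running `csr_matches_key` against the issued certificate's request before installation catches the common mistake of pairing a certificate with the wrong key file.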

Now when customers visit your site, they'll know for certain they're dealing with you and not some rogue hacker. Their browsers will display a notice and let them view your certificate. That should go a long way toward easing their anxieties about parting with credit card and other sensitive information.

Just keep in mind that the peace of mind certificates offer is limited. For starters, there are a number of competing certificate authorities, and they're all mutually incompatible. Red Hat's Secure Web Server supports two of the more popular providers, VeriSign (www.verisign.com) and Thawte (www.thawte.com). Also, visitors must be using either Navigator 3.x/4.x or IE 4.x. And adding certificates to your server costs money. VeriSign charges $349 for the first Web server and $249 for each additional server, while Thawte generally charges $125 per server. (Red Hat customers get $25 off.) Finally, digital certificates aren't foolproof. Certificates have been copied, stolen, or hacked. (For more information, see "Certifiable" at www.currents.net/magazine/national/1516/intb1516.html.)

By the way, Red Hat's Secure Web Server offers other goodies. You get Perl scripting access to Apache's C programming interface and PHP scripting support, which are faster alternatives to CGI. There's also a proxy server that speeds user browsing by storing frequently viewed pages in a RAM or disk cache. And you get a utility that tracks server activity.

Meet Linux 5.1

While testing Secure Web Server, I also spent time with Red Hat's Linux 5.1 and was impressed with its stability and completeness. Installation has been greatly streamlined and includes helpful extras, such as a back key so you can step back to the previous dialog box. There's also the new LinuxConf utility, which lets administrators easily control settings from a single interface.

Do you need to back up network information, servers, and clients? Linux 5.1 has got it. You also get a CD-ROM chock-full of functional Linux software, such as WordPerfect 7.0 (limited to 30 days), Principia (Web serving), and Regullis (accounting).

Altogether, Red Hat's two offerings, Secure Web Server and Linux 5.1, are worth serious consideration. Linux 5.1 gives you everything you need to run your intranet and then some, and you get 90 days of e-mail and fax support. Secure Web Server is the only product I know of that adds digital certificates to Apache-SSL. Of course, if you don't need certificates, just download Apache-SSL for free at www.apache-ssl.org. Both products offer terrific value, stability, and a wealth of necessary features.

© 1998 Maggie Biggs. All rights reserved.

Maggie Biggs is a senior analyst at the InfoWorld Test Center, where she evaluates emerging application and database technologies. You can reach her at maggie_biggs@infoworld.com or care of Computer Currents.

Where to Buy

Red Hat Secure Web Server 1.0
Red Hat Linux 5.1
Red Hat
888/733-4281
www.redhat.com
List price: $49.95, Linux 5.1; $99.95, Secure Server


Copyright © 2008 ComputerUser Inc.