Breach Security Inc. (originally sponsored by Gilian Technologies Inc.): BreachGate Sitegrity 2.5 (formerly G-Server version 2.5)
The Gilian Technologies G-Server prevents the defacing of a web site by monitoring
the objects (web pages, images, applets, etc.) that the web server serves, checking each for
authenticity and replacing unauthorized objects with its own authorized copy of the object. If an
attacker manages to break into the web server and take full control of its functions and modify its
content, the end user will continue to get authentic copies of the protected objects as if nothing
had changed and the administrators will be alerted to the potential problem.
The G-Server is connected between a web server and an untrusted network. It
works below the IP layer and presents no IP address of its own to the untrusted side of the
network. The G-Server is preloaded via a trusted channel with copies of the server objects that
are to be protected and their digital signatures. This is done every time the content of the objects is
legitimately changed. The private key used to generate the signatures is not stored on the web
server being protected or on the G-Server.
When protected objects are served, the G-Server checks the signature of the object as it passes
on its way to the user. If the signature verifies or there is no signature for the object, it is allowed
to pass. If the signature does not verify, the object is replaced by an authorized copy and any of
several types of alarms are raised.
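
The pass/replace decision described above can be modelled in a few lines. This is an added example, not Gilian or Breach Security code: the Gateway class, its method names, the sample paths and the toy textbook-RSA key are all assumptions made for illustration, and the toy key stands in for whatever signature scheme the product actually uses.

```python
import hashlib

# Toy textbook-RSA key built from two Mersenne primes (constructed, NOT secure).
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent: publisher side only


def digest(body: bytes) -> int:
    """SHA-256 of the object, reduced mod N so the toy key can sign it."""
    return int.from_bytes(hashlib.sha256(body).digest(), "big") % N


def sign(body: bytes) -> int:
    """Publisher side: run where the private key lives, off the gateway."""
    return pow(digest(body), D, N)


def verifies(body: bytes, sig: int) -> bool:
    """Gateway side: needs only the public values N and E."""
    return pow(sig, E, N) == digest(body)


class Gateway:
    """Hypothetical model of the in-line check; names are assumptions."""

    def __init__(self):
        self.store = {}   # path -> (authorized copy, signature)
        self.alarms = []  # paths whose served bytes failed verification

    def preload(self, path: str, body: bytes, sig: int) -> None:
        """Trusted-channel load of an authorized copy and its signature."""
        self.store[path] = (body, sig)

    def filter(self, path: str, served: bytes) -> bytes:
        """Return the bytes the end user receives for this response."""
        entry = self.store.get(path)
        if entry is None:
            return served          # no signature on file: passes unchecked
        good, sig = entry
        if verifies(served, sig):
            return served          # authentic: pass through
        self.alarms.append(path)   # mismatch: raise alarm, substitute copy
        return good
```

The first branch of filter is the case to watch when deploying such a device: an object with no signature on file passes unchecked, so protection extends only as far as the set of preloaded objects.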