![](/uploads/1/2/7/2/127238841/539710583.png)
This paper draws on the authors’ experience in using SoftArc Intranet FirstClass™as a collaborative learning environment and discusses and exempli es the pros and cons of choosing this system.
List:Subject:From:Date:Download RAW or David Litchfield writes:SoftArc produce FirstClass Intranet Server andtheclient software used to access the server. The UserID and password toconnect to the server are stored in clear text by the e-mail client intherelevant.fc file.Mr. Litchfield is correct.
However, the documentation recommends that the userNOT store their userid and password in the settings document (the '.fc 'files referred to below). If it is stored, then anyone with physical access tothe client computer will be able to access the user's account on the FirstClassServer. It is very much like saving your POP3 password in Outlook and thengiving someone use of your computer while you are away from the console.Versions known to do this are 5.506 (the most up to date version) and3.5.Other versions are likely to have this problem too.All versions of FirstClass client software are affected. We presently have noplans to change this.5.506 stores the account information in the%FirstClassInstallDirectory%Settingshome.fcfile and 3.5 in the%FirstClassInstallDirectory%Settingsnetwork.fcfile.The account information can be saved to any FirstClass setting document.
Again,it is not recommended that anyone save password information for any protectedapplication where the client console is accessible to untrusted persons. Thisis especially true where the user is an administrator of a system.We are quite confident in the security of our products.
No one, to ourknowledge, has ever 'hacked' into a FirstClass server that has properpasswording in place.I have included the text of a document (below) that gives an overview of whyFirstClass is a secure email environment.If you have any further concerns or questions, please do not hesitate tocontact me or Jeff Parker in my absence.FirstClass and Security ConcernsFirstClass is designed as an extremely secure communications system. Thisdocument describes some of the strategies FirstClass utilizes to provide asecure medium for sensitive corporate communications.Today as organizations invite their customers, vendors and even the generalpublic to participate in electronic workgroup communications one of their mostimportant concerns is security.User Account Security:Every user's UserID and Password is distinct and unrelated to each other, orto the name of the user online. This makes it far more difficult to hack into auser's mail account.
With most e-mail systems logins are accomplished usingthe mail address, which is public.FirstClass offers packet-level encryption, every piece of data is encrypted.FirstClass uses a fast stream-level cipher on the packets as they aretransmitted. To ensure that each stream is uniquely encrypted, a randomchallenge-response is performed at link negotiation time.
Due to real-timecomputational limitations on a high speed stream the cipher is not ascryptographically strong as something like RSA, but is still very difficult tobreak.Almost all network applications, from file sharing to printing to mail exposecontent directly to anyone utilizing a simple packet analyzer program. Packetlevel encryption is inherent to FirstClass and, as such, works regardless ofwhether the system is communicating using TCP/IP, IPX, AppleTalk or even bymodem.Content/Conference Security:Unlike most mail systems, FirstClass offers a complete User and Group accesscontrol system, and provides this at both the system and the conference level.It is possible to control access to specific information, conferences, andfolders extremely tightly, by allowing the administrator to assign discreetlevels of access permissions for individual users, or groups, based on theirrequirements. An individual's access is secured through their unique User IDand Password which, as discussed above, is difficult to compromise.FirstClass and Network Security:Security risks, from outside the local area network, are generally associatedwith a remote access solution such as remote IPX or TCP/IP routers, ARA andterminal servers. These can easily expose a network to outside and potentiallydamaging access.FirstClass is an excellent network firewall.FirstClass allows connections directly to the server machine via both directmodem and remote TCP/IP protocols. There is no method for such a connection tobypass the server machine, access the network or access anything other than theFirstClass server, as controlled by the users' permissions.In the event that a user has gained knowledge of the Administrator's password(perhaps through observing the login process or other physical means) there isstill no facility to have access to the server machine's file structure or thenetwork.One of the reasons for this is that FirstClass employs entirely proprietaryprotocols that are designed to run on top of inherently secure operatingsystems.
Windows NT and the Macintosh O/S (both used as FirstClass servers)are not susceptible to the intrusive O/S level access provided by Unixoperating systems, which can effectively be reprogrammed over a remoteconnection.With FirstClass, users are completely locked into an environment that cannot beaccessed or bypassed from within that environment. If a user, in an attempt tobreak in, were to attempt to bypass FirstClass by somehow disabling FirstClass(which is not something FirstClass is susceptible to), the user would beinstantly disconnected when the server ceased working. FirstClass, because ithandles all of the communication protocols internally, is the only elementhandling the connection and no connection will exist when it ceases to function.The FirstClass Post Office files all reside on locked volumes, so the filesthemselves cannot be accessed from the network, except when logged in as aFirstClass user. This, as discussed above, strictly controls the level of fileaccess. This contrasts with several well-known e-mail products that requirethat their mail users have read AND write access to their post office filesthat must reside on an accessible volume on the file server.
This allowscompletely free ability to edit, corrupt or even delete select files. Thestandard method suggested to protect against this eventuality is to frequentlyback up the files in question so that restoration is more easily accomplished.While providing some protection against data loss, this in no way preventsintruders from gaining access to the information contained within the mailsystem.Physical Security:True security requires that the server machine and associated hard drives bephysically inaccessible. It is easily possible to retrieve information fromany hard drive, if the perpetrator can gain physical access to the server for aprotracted period of time.SoftArc's own internal FirstClass system, SoftArc Online, is used for bothinternal communications and for support of a body of approximately 10,000remote users. These individuals connect to SoftArc Online either via directmodem, or over TCP/IP from the internet. SoftArc is entirely confident inFirstClass' ability to protect our sensitive internal communications, regardingour product, directions and development from any outside intrusion. Any mail, upon leaving FirstClass using either the UUCP or SMTP internetprotocols become vulnerable to interception.Regards,Barry CarterMC2/SoftArc Inc.
Sponsored.
![](/uploads/1/2/7/2/127238841/539710583.png)