By now you may have heard about the latest internet security threat known as “Bash Bug” or “Shellshock.” This threat, if exploited, can allow an attacker to control and send commands to a vulnerable device. We have been tracking this threat since it became public last Wednesday night and continue to review information as vendors provide assessments and patches for their products.
This threat has received the highest rating for both impact and ease of exploitability according to the National Institute of Standards and Technology:
This threat is due to a bug in a very common component found on Apple and Linux devices. The scope is enormous because Linux is found not only in typical computer gear such as servers, routers, and firewalls–but also in appliances such as wireless access points, cameras, alarms, phone systems, HVAC, etc. Public Web sites may be particularly vulnerable to this threat.
Because there are so many potentially vulnerable devices detection and remediation can be difficult. Here are some recommendations to assist in identifying vulnerabilities on your network.
- Make a list of all your public-facing equipment (typically routers, firewalls, servers) and contact the vendor to determine if their equipment is vulnerable and if there is a patch available.
- Make a list of 3rd party vendors that provide public-facing web services on your behalf such as your web hosting service, email services, etc. and contact those service providers to make sure affected system have been patched.
- Check your internal network for appliances that may have a web, telnet, or SSH based user interface. Contact the vendor to determine if their equipment is vulnerable and if there is a patch available.
The process of identifying vulnerable devices, especially on your internal network, may be difficult. Par3.IT can perform due diligence on your external and internal network for you. The costs are as follows:
- 2 hours of labor to identify POSSIBLE vulnerable systems on your internal and external network including your public web site.
- Optionally, and at an additional cost, we can contact the vendor of the POSSIBLE vulnerable systems to determine if the product is actually vulnerable, and if so then perform remediation.
Please call for further information or fill out the form below to schedule a scan of your network
[contact-form-7 id=”6092″ title=”Contact form 2″]