SDN Blog

What does Shellshock mean to you?

Posted on Monday, October 06, 2014 in Managed Firewall , Managed Router , Cybersecurity

Blog written by

Shellshock Questions Answered

In an age where information security is paramount, a day rarely goes by where new security vulnerabilities go undiscovered. The past two weeks are no different. The revelation of the Bash Shellshock vulnerability brings heightened awareness of interconnected and ubiquitous UNIX and Linux systems.

What you need to know?

The Shellshock security flaw—and the related discoveries are Remote Code Execution vulnerabilities. In this case, it involves the UNIX and Linux command shell called Bash. The Bash allows users to interact and operate the computer through typed or scripted commands. The Shellshock flaw, when exploited, tricks Bash into running programs when they are not authorized.[1]

While Shellshock affects all versions of Bash created since 1993[2], the impact is dependent upon what process is using the shell to execute the command. When fully exploited, a remote unauthenticated attacker could execute commands.[3] However, in many cases an attacker would have to be authenticated in order to successfully exploit Bash.   

What is SDN Communications doing?

Don’t worry, SDN is on the case. Immediately upon learning of the Shellshock flaw, SDN Communications reviewed our systems including the core network, internal servers, and workstations for specific vulnerability. Our evaluations determined our core network and routing was not impacted by the flaw. However, like all Linux and Unix based servers with Bash, some internal systems required updating. As patches were made available, our staff applied them accordingly. As with all such security issues, we continue to monitor the latest information and work with manufacturers to ensure our systems remain secure so you can Enjoy the Uptime.   

What you need to do?

Although it was just recently discovered, the flaw has existed for more than 20 years and is widespread. So, customers should always ensure they are protecting themselves, especially if they have webservers, firewalls, or routers with Bash. There is some good news. In order to protect your systems, simply patch and update the Bash program so that it won’t run unauthorized commands. Investigations are ongoing and manufacturers continue to evaluate their products and issue updates.

If you are not sure how you might be impacted:

  1. Talk to your IT staff about what systems might be running UNIX or Linux with Bash,
     
  2. Check to see whether your Bash is vulnerable,
     
  3. Check the manufacturer’s website for the latest list of impacted products and fixes. (A list of equipment manufacturers resources is listed below),
     
  4. Update software per manufacturer’s instructions.

How can SDN Communications help me?

If you don’t have an IT staff to help you or you are still not sure whether you might be vulnerable, it might be time to give SDN a call. Our Managed Services division handles both firewalls and routers. With Managed Services, you gain access to Network Security Experts whose sole job is to focus on network security. The automatic firmware updates that come with our Managed Services means that your router or firewall always has the most current and effective security measures in place. It would be like Shellshock didn’t even happen.

Resources 

 


[1] http://nakedsecurity.sophos.com/2014/09/25/bash-shellshock-vulnerability-what-you-need-to-know/

[2] http://www.pcworld.com/article/2689692/cisco-oracle-find-dozens-of-their-products-affected-by-shellshock.html

[3] http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash