IT Security Guru

What can site admins learn from Bashbug vulnerability?

by The Gurus
January 9, 2015
in Opinions & Analysis

Once upon a time, life as a Linux or UNIX admin was pretty sweet, without nearly as many extended shifts or panicked phone calls in the middle of the night as poor Windows admins had to deal with.
 
Sadly, nothing lasts forever. With these systems coming to play such a widespread role in server management, it was inevitable that eventually somebody would find a vulnerability and exploit it. Nevertheless, the scale of the Bashbug crisis shocked everybody. What are the lessons we can learn to reduce the risk of something like this happening again?
 
What is the Bashbug?
If you’re one of the lucky ones and haven’t had to deal with this yet, the first thing you should be aware of is that it’s a problem affecting the UNIX Bash shell which issues and interprets commands given to servers by their admins.
 
In September last year it emerged that a vulnerability – dubbed Shellshock – meant that hackers had a backdoor into servers running Bash, so that they could run commands and effectively take over the servers. It seems likely that several systems were quietly hijacked like this before the story broke, enabling hackers to use them as zombies for doing things like cracking passwords, distributing spam or carrying out DDoS attacks, without the server owners knowing, though some of them may have wondered why everything was running so slowly.
 
Although patches for fixing Shellshock quickly became available, it’s thought that there are as many as 500 million systems out there that remain vulnerable because nobody has yet realised that they need to be patched or found the right way to go about it.
 
Network vulnerabilities and the Internet of Everything
One of the reasons why the Bashbug has been hard to detect is that it’s buried at a very low level in old systems (going back 25 years), which generally don’t get checked in that much detail because they’ve been stable for such a long time.
 
The development of the “Internet of Everything” (aka IoE, one step beyond the Internet of Things and focused on the connection of infrastructure across multiple sites) has created many new vulnerabilities, both by enabling hackers to operate on a larger scale and by enabling them to reach beyond computers and access all kinds of things that we use in our everyday lives.
 
This means that the security of everything from burglar alarms to the food in our fridges can be compromised, not to mention entire public transport systems, city lighting grids and so on. In this situation, it’s vital to ensure that vulnerabilities like Shellshock are spotted as soon as possible and fixed immediately afterwards.
 
The shift in internet use from single business or domestic sites which connect with single ISPs to multiple devices connecting to multiple ISPs and each other means that access to a single server can potentially give a hacker access to many more, as harvesting passwords provides routes into other systems and areas as sensitive as people’s hospital records and finances. Therefore, it’s important not only to deal with the Bashbug locally, but also to promote widespread solutions because the security of individuals depends largely on the security of many.
 
Tackling the Bashbug
Even if you’ve already patched for the Bashbug, it’s not something you should forget about, as there have been reports of some patches not fully resolving the problem. The early ones were made and distributed as fast as possible, with no time for them to be checked as thoroughly as most such products.
 
Because of this and because hackers have been trying to develop workarounds, it’s important to treat Shellshock as an on-going problem. It’s also important to be wary if you have a Windows or Mac based system, as you may still have Bash running at a lower level (and Bash is part of many Mac systems anyway).
 
To make sure that this problem is eliminated and stays that way, you should make regular system checks at a deep level. Trend Micro provides some useful free tools for this, though its Deep Security software is the recommended choice if you want to do a really thorough search that also takes into account other potential system flaws. If you find that your system is vulnerable, it also provides a virtual patch that can give you the security you need.
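
A minimal local check of the kind described above, as an added example that is not part of the original article or of any vendor tool. It tests only whether each bash binary on the host still executes code while importing a function from an environment variable; the candidate paths and the marker string are assumptions, and a "patched" result does not rule out the later variants that the early patches missed.

```shell
#!/bin/sh
# Added example: local patch check for the Bash function-import flaw (Shellshock).
# It only launches bash binaries found on this host and inspects their output.

MARKER="BASHBUG_PROBE_MARKER"   # constructed string, meaningless outside this script

# classify_probe OUTPUT -> "vulnerable" if the marker was echoed, else "patched"
classify_probe() {
    case "$1" in
        *"$MARKER"*) echo "vulnerable" ;;
        *)           echo "patched" ;;
    esac
}

# check_bash PATH -> "absent", "vulnerable" or "patched"
check_bash() {
    bash_bin="$1"
    if [ ! -x "$bash_bin" ]; then echo "absent"; return 0; fi
    # A fixed bash treats this variable as plain data. An unfixed one parses it
    # as a function definition and runs the trailing echo while starting up.
    out=$(env "probe=() { :;}; echo $MARKER" "$bash_bin" -c ':' 2>/dev/null || true)
    classify_probe "$out"
}

# scan_host -> prints "PATH: RESULT" per bash found; returns 1 if any is vulnerable
scan_host() {
    found_vuln=0
    candidates="/bin/bash /usr/bin/bash /usr/local/bin/bash"   # assumed common paths
    if [ -r /etc/shells ]; then
        candidates="$candidates $(grep '/bash$' /etc/shells 2>/dev/null || true)"
    fi
    for b in $(printf '%s\n' $candidates | sort -u); do
        result=$(check_bash "$b")
        if [ "$result" = "absent" ]; then continue; fi
        echo "$b: $result"
        if [ "$result" = "vulnerable" ]; then found_vuln=1; fi
    done
    return "$found_vuln"
}

scan_host
```

Because the script exits non-zero when any binary is reported vulnerable, it can run from cron or a configuration-management job and raise an alert if a rebuild or restore reintroduces an old bash.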
 
Shellshock is unlikely to be the last problem of this type that we encounter, so managing this one effectively is important not only in the immediate term but because it can prepare us to act swiftly and effectively next time around.
 
 
Luke Salmond is a freelance writer specialising in the Tech and Web Development sector
