Call us: 800.288.7387
salesteam@nyi.net
  • Get a Quote
  • Login
NYINYINYINYI
  • Solutions
    • Cloud Solutions
    • Colocation & Data Centers
    • Bare Metal
    • Network & Interconnection
    • Professional Services
    • Managed Services
  • Resources
    • News
    • Events
    • Blog
  • About NYI
    • The NYI Difference
    • Industries We Serve
    • Testimonials & Case Studies
    • Partner Program
    • Careers
    • Community
    • Compliance
  • Contact
Next Previous

FTW Protects Customer Web Sites against ShellShock – Part 2

1 October, 2014

Post by: Mark Staudinger
This blog is Part 2 of a two-part series

Previously, we took a look at Shellshock and how it has wreaked havoc on thousands of computers over the past few weeks, making it easy for hackers to gain control over websites and computers systems.  NYI designed its Fault Tolerant Web (FTW) service to protect against online threats, provide DDoS mitigation and protection and block web exploits before they reach your server.

The good news is that FTW, using the security policies in place when ShellShock was announced, was actively blocking ShellShock exploit attempts.  Since then, we have added additional security policies that are specific to ShellShock, to better protect against any variations on the type of attack that we’ve already seen reach our edge nodes.

As we await the official patch for Bash, and as the scope and number of these ShellShock exploits inevitably rise, our FTW-enabled customers can rest easier, knowing that their servers are protected externally.

9/29 tally:  367339 blocked web requests.  Of those, fewer than 38000 were exploit attempts, and of those, only 475 were ShellShock exploit attempts – slightly more than 1%.  These numbers will likely rise in the coming days and weeks.

———————-
LINKS:

CVE-2014-6721 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6271
CVE-2014-7169 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-7169

Bash patch still not finalized: http://mashable.com/2014/09/29/shellshock-additional-vulnerabilities/
———————-

Security is a primary component of FTW

Shellshock poses a significant threat because Bash is so ubiquitous on Unix servers, and the vulnerability is fast and easy to exploit for non-programmers.  Also, the Bash patches are still a work in progress, and it’s not clear that all of the vulnerabilities have been fixed.  So, while individual servers can and should be patched, additional protection is useful to cover those vulnerabilities that are not patched.

Summary: We knew that FTW’s existing security policies blocked most of the Shellshock exploits attempts.

NYI expanded security policies to protect against known Shellshock attacks and likely derivations.

FTW includes ShellShock protection as part of the “basic security” feature, provided at all service levels.

Recently on the NYI Blog

  • JEMB Realty Selects NYI to Re-establish 75 Broad as NYC Interconnection Hub
  • NYI Expands 60 Hudson Street Operations
  • 1025Connect Selects NYI as Strategic Partner for Relaunch
  • NYI Newsletter: 4Q 2021
  • DE-CIX and NYI Expand Partnership in North America

NYI
NYI is a trusted infrastructure partner to small and medium-sized enterprise clients across a range of industries. We drive infrastructure optimization through flexible integrated hybrid IT solutions and strategic partnerships that result in cost and performance efficiencies. Our experts offer insights and end-to-end support so that your teams can be freed to focus on innovation and growth.

Recent Tweets

Learn more about #InternationalDataCenterDay (3.22) via @dcfrontier. Our COO Phillip Koblence will celebrate the day by speaking about the future of the #datacenter industry at the Inaugural Event of the @7x24Exchange New England Chapter. https://t.co/uLKcojdjQd

- 15 hours ago

Have you heard? @7x24Exchange is launching a New England Chapter on 3.22! NYI COO Phillip Koblence is excited to be an Inaugural Speaker, joining @nabeelmahmood & @carriejgoetz, in discussing the future of the #datacenter industry! #digitalinfrastructure https://t.co/mDO4m8LOfx https://t.co/xivl7fP7Hg

- 7 days ago

Follow @nyinternet

Contact Us

  • New York City
    60 Hudson Street
    New York, New York 10013
  • Chicago
    800 Jorie Blvd.
    Oak Brook, IL 60523
  • NYI Headquarters
    T: 212.269.1999     
    T:
    800.288.7387
  • Terms and Conditions
  • Service Level Agreement
  • Privacy Policy
New York Internet
Copyright 2023. All rights reserved worldwide.
  • Solutions
    • Cloud Solutions
    • Colocation & Data Centers
    • Bare Metal
    • Network & Interconnection
    • Professional Services
    • Managed Services
  • Resources
    • News
    • Events
    • Blog
  • About NYI
    • The NYI Difference
    • Industries We Serve
    • Testimonials & Case Studies
    • Partner Program
    • Careers
    • Community
    • Compliance
  • Contact
NYI