Call us: 800.288.7387
salesteam@nyi.net
  • Get a Quote
  • Login
NYINYINYINYI
  • Solutions
    • Cloud Solutions
    • Colocation & Data Centers
    • Bare Metal
    • Network & Interconnection
    • Professional Services
    • Managed Services
  • Resources
    • News
    • Events
    • Blog
  • About NYI
    • The NYI Difference
    • Industries We Serve
    • Testimonials & Case Studies
    • Partner Program
    • Careers
    • Community
    • Compliance
  • Contact
Next Previous

FTW Protects Customer Web Sites against ShellShock

30 September, 2014

Post by: Mark Staudinger
This blog is Part 1 of a two-part series 

The “Big 3” benefits to NYI’s Fault Tolerant Web (FTW) service are Speed, Stability, and Security.  Depending on the day, one of these three might seem to be more important; but when a newly discovered vulnerability like ShellShock is turned into an active exploit seen “in the wild” (as opposed to the test lab) the security for public-facing services, such as your web site, become of critical importance.

ShellShock in particular holds a significant potential threat, mainly because the target (the “Bourne Again Shell”, or “Bash”) exists on a large number of Unix-type server platforms, and the vulnerability is relatively easy to exploit.  In addition, the Bash program itself has not been fully patched (yet), so administrators do not have the confidence that all of the vulnerabilities associated with it have been addressed.

  • Target-rich environment

Bash is a command interpreter, or shell, that is available for most Unix-type Operating Systems.  On Linux, not only is Bash part of the base installation, it is the default shell for all users, including the “root” super-user.  Other Operating Systems require that the user install the Bash shell separately, but many administrators choose to do so for reasons of preference or compatibility.  The developers of Bash estimate that the vulnerable portion of code was added around 1992, which means that it has had plenty of time to become truly ubiquitous, especially on Linux platforms.

  • Easy to craft exploit

One aspect of the ShellShock exploit is that it does not need to be customized to any significant degree for the target platform. It also does not require that the attacker have any programming experience.  The easier an exploit is to craft, the higher the number of would-be attackers.  Some exploits involve stack or variable overflows that need to be customized by someone with programming experience. ShellShock, conversely, is a relatively easy exploit to implement, as commands are passed directly to the shell and executed as-is.  Customization is not needed and it can be implemented with little to no programming experience. All this means a faster adoption of an exploit by more attackers, resulting in a fairly good chance of success.

  • No official patch

When ShellShock was announced, the Bash developers quickly released a patch that eliminated one known-vulnerable portion of code (CVE-2014-6721).  However, a more thorough audit revealed at least two more vulnerabilities (CVE-2014-7619) that are still being addressed.  At the time of writing, there is an “unofficial” patch from RedHat employee Florian Weimer, which seems to be the best option for system administrators.

NYI designed its FTW service to block all kinds of attempts to exploit vulnerable code within your web application.  Many of these exploits use common vectors and methods to try to insert their malicious code.  When the details of the ShellShock vulnerability were released, it was time to take a look at how FTW was handling these exploit attempts, and make sure that we were protecting against not just the known active exploits, but the variations that can be expected as the use of the exploit becomes more diverse.

Our next post will take a deeper look into NYI’s FTW service and how it protects web sites and web applications.

 

Recently on the NYI Blog

  • JEMB Realty Selects NYI to Re-establish 75 Broad as NYC Interconnection Hub
  • NYI Expands 60 Hudson Street Operations
  • 1025Connect Selects NYI as Strategic Partner for Relaunch
  • NYI Newsletter: 4Q 2021
  • DE-CIX and NYI Expand Partnership in North America

NYI
NYI is a trusted infrastructure partner to small and medium-sized enterprise clients across a range of industries. We drive infrastructure optimization through flexible integrated hybrid IT solutions and strategic partnerships that result in cost and performance efficiencies. Our experts offer insights and end-to-end support so that your teams can be freed to focus on innovation and growth.

Recent Tweets

Have you heard? @7x24Exchange is launching a New England Chapter on 3.22! NYI COO Phillip Koblence is excited to be an Inaugural Speaker, joining @nabeelmahmood & @carriejgoetz, in discussing the future of the #datacenter industry! #digitalinfrastructure https://t.co/mDO4m8LOfx https://t.co/xivl7fP7Hg

- 16 hours ago

Some insights from @Gartner_inc for women tech leaders: https://t.co/ypJgwUy8eF Happy #InternationalWomensDay! #EmbraceEquity

- 6 days ago

Follow @nyinternet

Contact Us

  • New York City
    60 Hudson Street
    New York, New York 10013
  • Chicago
    800 Jorie Blvd.
    Oak Brook, IL 60523
  • NYI Headquarters
    T: 212.269.1999     
    T:
    800.288.7387
  • Terms and Conditions
  • Service Level Agreement
  • Privacy Policy
New York Internet
Copyright 2023. All rights reserved worldwide.
  • Solutions
    • Cloud Solutions
    • Colocation & Data Centers
    • Bare Metal
    • Network & Interconnection
    • Professional Services
    • Managed Services
  • Resources
    • News
    • Events
    • Blog
  • About NYI
    • The NYI Difference
    • Industries We Serve
    • Testimonials & Case Studies
    • Partner Program
    • Careers
    • Community
    • Compliance
  • Contact
NYI