Are You Monitoring Your Servers for Bugs Like Heartbleed, Shell Shock & Poodle?

Server Monitoring For Computer & Internet Bugs
Photo By wongo888 (Flickr: Brown Computer Bug) - CC-BY-2.0 via Wikimedia Commons

The internet has been around for more than half a century, going back to the 1960s when the US Department of Defense first awarded contracts for packet network systems. With each passing decade, we saw a greater proliferation of the net into more areas of our lives, transforming our world into a global, knowledge-based civilization; however, one of the big problems with today’s internet technology is the abundance of security bugs, lingering from out-of-date nodes in the net.

The Heartbleed Bug Is No Joke

On April 1st, and this was no April Fool’s Day joke, a security expert at Google named Neel Mehta discovered the Heartbleed bug, a huge security vulnerability in Open SSL cryptology that mimics the heartbeat of computers; confirming an active connection, or pulse. According to Mashable Chief Correspondent, Lance Ulanoff:

For almost as long as we’ve had personal computers, I’ve been writing about their various vulnerabilities. Yet in all those years I’d never come across anything like Heartbleed — the Internet’s first branded security hole. Mashable

Supporting the Heartbleed brand is a dedicated website that provides a comprehensive, yet understandable overview of Heartbleed and its potential harm:

The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users. Heartbleed.com

HeartBleed Bug Logo
Photo By Global Panorama (Flickr: Heartbleed Logo) [CC-BY-2.0 via Wikimedia Commons]
In other words, hackers could potentially exploit sites using OpenSSL cryptology to intercept sensitive information like passwords, credit card numbers, billing addresses etc. Most major sites have now been patched, but back in the spring the threat of the Heartbleed bug caused seriour disruptions such as the temporary shut down of some government websites, prompting 40% of Americans to change their passwords.
Server Monitoring Bash Bug (Aka Shellshock)

Photo By Nguyen Hung Vu (Flickr: GNU Bash Shellshock Hits) [CC-BY-2.0 via Wikimedia Commons]

Bash Bug Leaves Many in Shellshock

Just as we were coming to grips with the potential threats generated by Heartbleed, a new and even more virulent bug was brought to light called Bash Bug:

‘Bigger than Heartbleed’: Bash bug could leave IT systems in shellshock… Just months after Heartbleed made waves across the Internet, a new security flaw known as the Bash bug is threatening to compromise everything from major servers to connected cameras. CNET

The Bash Bug is a flaw in the code used by Unix based operating systems and devices, such as Apple’s OSX that appears to have originated back in 1980, but just became generally known as a world-wide security flaw this fall. The severity of this bug, has made it a top priority for almost every sysadmin in the world, prompting quick action from major internet players:

Google has taken steps to fix the bug in both its internal servers and commercial cloud services, a person familiar with the matter said. Amazon released a bulletin [Sept. 25] that showed Amazon Web Services customers how to mitigate the problem. Wall Street Journal

Every Bug Has Its Bite, Even The Cuddly Poodle

Incredulously, in October of this year yet another security vulnerability, stemming from older technology, was revealed:

Google researchers have uncovered a bug in web-encryption technology that could allow hackers to take over email, banking and other online accounts. Dubbed Poodle, the threat is said to be less severe than Heartbleed, which sent the security industry into panic earlier this year. BBC

As the IT community continues to get hit by a series of outdated flaws, analogies that help us understand the severity of these potential internet threats and server vulnerabilities are cropping up:

  1. Bash Bug (aka Shellshock): The best you can do is run for cover.
  2. Heartbleed: Call 911, my computer’s heart is bleeding, but the IT paramedics can do some amazing things.
  3. Poodle: Smart, beautiful dog, but don’t kid yourself about its bite… it has sharp teeth.

The POODLE bug may sound silly, but it can cause some serious damage. POODLE, which stands for Padding Oracle on Downloaded Legacy Encryption, makes it possible for hackers to snoop on a user’s web browsing. The problem is an 18-year-old encryption standard, known as SSL v3, which is still used by older browsers like Internet Explorer 6. TIME

News Flash: in the past couple weeks, news is spreading that some TLS implementations can be vulnerable as well, affecting as much as 10% of all websites. This new bug has been labelled CVE-2014-8730, or POODLE 2.0 and is much more serious than the original POODLE bug.

Are Your IT Systems and Servers Protected?

With time, many of these bugs will exterminated as the architecture that supports them modernizes, but the key to resolving issues that arise right now is knowing when you’ve been infected, or even better, when you have the proper patches installed, to prevent infection.

At Frameflow we understand this, and have created some instructions showing how you can verify if you have the necessary patches installed on all your systems for such threats as the Poodle Bug or the latest from Micosoft, KB3011780 (MS14-068) using Frameflow Server Monitor. Not a customer, no problem, you can test drive our software for 30 days at no cost or obligation.