> Dell > Shellshock & Future Vulnerabilities - Buying Precious Time
 

Shellshock & Future Vulnerabilities - Buying Precious Time

White Paper Published By: Dell
Dell
Published:  Sep 23, 2015
Type:  White Paper
Length:  7 pages

The GNU Bash Code Injection Vulnerability, or Shellshock, affects Linux/UNIX systems by permitting execution of arbitrary commands in the context of Bash shell. Shellshock is relatively easy to exploit yet very high in severity, particularly through HTTP.

The best protection against Shellshock and similar vulnerabilities is a next-generation firewall (NGFW) (such as from Dell SonicWALL) that does not run Linux or UNIX. The signatures (such as the ones addressing Shellshock) immediately update NGFWs with Intrusion Prevention Service (IPS) to prevent sophisticated exploits early in the kill chain while buying enterprises valuable time to properly review and execute their software patching and update plans.

Shellshock was not the first widespread network vulnerability and it will not be the last. As an example of the Dell SonicWALL approach, this white paper provides IT managers and network administrators with background and insights about similar vulnerabilities:
Why vulnerabilities like Shellshock are so dangerous
How Shellshock works
How attackers exploit network vulnerabilities like Shellshock
How to buy time and protect networks from exploits
What to do about future vulnerabilities



Tags :