How to Protect Your Network Infrastructure From Shellshock

Written by David DeSanto and Ankur Chadda

Recently, the media has been abuzz with Shellshock (also known as Bashdoor) vulnerability. This comes in an array of vulnerabilities that are being discovered daily. It should come as no surprise that products today still ship with software bugs, and vulnerability discoveries like these are not going to stop in the future. So what can be done to provide protection or at the least minimize the impact of such vulnerabilities?

Like the old adage, knowledge is power. Knowing about vulnerabilities as soon as possible is important so that corrective action can be taken—like installing updates and patching the holes that have been discovered. This is important as any vulnerability that gets published becomes accessible to second hand users who can exploit it.

Protecting against Shellshock

Image of hackerOnce updates are in place you need to make sure that they work. This is where Spirent can help. By having exploits of vulnerabilities like Shellshock readily available in our TestCloud database, you can see if the updates and patches work as expected to protect your network and business interests.

For protection from future vulnerability discoveries, one has to look at robustness and resiliency testing of any network or infrastructure solution. Fuzzing testing provides this type of insight by sending invalid, random data to the solution with the goal of crashing it or rendering it useless. This exposes system faults and potential vulnerabilities in the solution. Fuzzing testing has been added to many best practices and software development lifecycles. However, many are still not aware of the benefits of this and have not implemented this into their development processes.

We need to be active in addressing security concerns to make sure we minimize risk. Keeping on top of your solutions updates is important to ensure you are protected and don’t become a victim to these vulnerabilities.

Have you been impacted by Shellshock? We would love to hear your thoughts on how to minimize the impact of vulnerabilities such as Shellshock. Join the conversation on LinkedIn or leave your comment below.

comments powered by Disqus
× Spirent.com uses cookies to enhance and streamline your experience. By continuing to browse our site, you are agreeing to the use of cookies.