October 1, 2014 By Stefan Zier

We are Shellshock Bash Bug Free Here at Sumo Logic, but What about You?

Be Aware and Be Prepared

I am betting most of you have heard about the recent “Shellshock Bash Bug”. If not, here is why you should care: this bug affects users of Bash, one of the most popular utilities installed on operating systems today. Discovered in early September 2014, this extremely severe bug affects Bash versions dating back to version 1.13. Affected versions process shell commands that follow a function definition, which exposes systems to security threats. The vulnerability allows remote attackers to execute any shell command and gain access to internal data, publish malicious code, reconfigure environments and exploit systems in countless ways.

Shellshock Bash Bug Free, Safe and Secure

None of the Sumo Logic service components were impacted due to the innate design of our systems. However, for those of you out there who might have fallen victim to this bug based on your system architecture, you’ll want to jump in quickly to address potential vulnerabilities.

What We Can Do for You

If you have been searching around for a tool to expedite the process of identifying potential attacks on your systems, you’re in the right place! I recommend that you consider Sumo Logic and especially our pattern recognition capability called LogReduce. Here is how it works: the search feature lets you search for the well-known “() {” Shellshock indicator, and a touch of the LogReduce button then returns the potentially malicious activity for you to consider. Take, for instance, a large group of messages that could be a typical series of ping requests. LogReduce separates messages by their distinct signatures, making it easier for you to review those that differ from the norm. You can easily see instances of scans, attempts and real attacks separated into distinct groups. This feature streamlines your investigation process to uncover abnormalities and potential attacks. Give it a try and see for yourself how LogReduce can reveal a broad range of remote attacker activity, from downloads of malicious files to your systems, to internal file dumps for external retrieval, and many others.
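The search-then-group workflow described above, as an added Python example that is not Sumo Logic code: it filters log lines for the “() {” indicator and groups the hits by a coarse signature. The token masking is a simple stand-in for illustration, not the LogReduce algorithm, and the log lines, paths and placeholder payloads are constructed.

```python
import re
from collections import defaultdict

# Indicator named in the post: the opening of a Bash function definition.
# Optional whitespace between the tokens is tolerated.
INDICATOR = re.compile(r"\(\)\s*\{")

# Constructed access-log lines (not real traffic). Whatever followed the
# indicator is replaced by a placeholder; only the marker matters here.
SAMPLE_LOGS = [
    '192.0.2.10 - - [01/Oct/2014:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [01/Oct/2014:10:00:05 +0000] "GET /status HTTP/1.1" 200 128 "-" "() { <placeholder-A>"',
    '203.0.113.8 - - [01/Oct/2014:10:02:41 +0000] "GET /status HTTP/1.1" 200 128 "-" "() { <placeholder-A>"',
    '198.51.100.23 - - [01/Oct/2014:10:03:12 +0000] "GET /health HTTP/1.1" 404 0 "() { <placeholder-B>" "curl/7.30.0"',
    '192.0.2.11 - - [01/Oct/2014:10:04:00 +0000] "GET /about.html HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

def signature(line):
    """Mask the tokens that vary between otherwise identical requests."""
    sig = re.sub(r"\[[^\]]*\]", "[TS]", line)                 # timestamp
    sig = re.sub(r"\b\d{1,3}(?:\.\d{1,3}){3}\b", "IP", sig)   # IPv4 address
    return re.sub(r"\b\d+\b", "N", sig)                       # other numbers

def group_hits(lines):
    """Return (signature, lines) groups for indicator hits, largest first."""
    groups = defaultdict(list)
    for line in lines:
        if INDICATOR.search(line):
            groups[signature(line)].append(line)
    return sorted(groups.items(), key=lambda kv: len(kv[1]), reverse=True)

if __name__ == "__main__":
    for sig, members in group_hits(SAMPLE_LOGS):
        print(f"{len(members):3d}  {sig}")
```

A hit shows that a request carried the marker, not that the host was vulnerable or that anything executed.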

Witness it Yourself

Check out this video to see how our service enables you to proactively identify suspicious or malicious activity on your systems: Sumo Logic: Finding Shellshock Vulnerabilities


Give Us a Try

For those of you who are completely new to our service, you can sign up for a free 30-day trial here: Sumo Logic Free 30 Day Trial


Stefan Zier

Stefan was Sumo’s first engineer and Chief Architect. He enjoys working on cloud plumbing and is plotting to automate his job fully, so he can spend all his time skiing in Tahoe.
