How to check if your Linux server is vulnerable to the BASH bug?

Just type this command in your SSH shell:

$ env x='() { :;}; echo vulnerable' bash -c 'echo hello'

If you get this output, then you are safe:
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
hello

If you get this output, then you are vulnerable and need to update:
vulnerable

Here is a tutorial on how to do it:
https://brew.sh/
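
The check above as a script (an added example, not part of the original post). It runs the same test command against every bash binary it finds and classifies the output. It also handles a third case the post does not list: newer patched bash builds print only "hello" with no warning. The function names and the list of paths are assumptions made for this example.

```shell
#!/bin/sh
# Added example: classify the output of the Shellshock test command above.

# probe_bash PATH: run the test command from this page against one bash binary,
# capturing stdout and stderr together.
probe_bash() {
    env x='() { :;}; echo vulnerable' "$1" -c 'echo hello' 2>&1
}

# classify_probe OUTPUT: print one verdict for a captured probe output.
classify_probe() {
    if printf '%s\n' "$1" | grep -qx 'vulnerable'; then
        echo vulnerable          # injected command ran: update bash
    elif printf '%s\n' "$1" | grep -q 'ignoring function definition attempt'; then
        echo patched             # import refused with a warning (the "safe" output above)
    elif [ "$1" = "hello" ]; then
        echo patched-silent      # newer fix: x is never treated as a function
    else
        echo unknown             # probe failed or printed something unexpected
    fi
}

# check_all: probe every bash binary found in the usual places (assumed paths)
# plus whatever "bash" resolves to on PATH.
check_all() {
    for b in /bin/bash /usr/bin/bash /usr/local/bin/bash "$(command -v bash 2>/dev/null)"; do
        [ -x "$b" ] || continue
        printf '%s: %s\n' "$b" "$(classify_probe "$(probe_bash "$b")")"
    done | sort -u
}

# Constructed sample outputs (not captured from a real host).
SAMPLE_VULNERABLE='vulnerable
hello'
SAMPLE_WARNING='bash: warning: x: ignoring function definition attempt
hello'

echo "sample (vulnerable): $(classify_probe "$SAMPLE_VULNERABLE")"
echo "sample (warning):    $(classify_probe "$SAMPLE_WARNING")"
check_all
```

Any line ending in "vulnerable" names a binary that still needs the update; "unknown" means the probe itself did not run cleanly and should be checked by hand.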


Protecting your Linux server from Heartbleed bug

I have received at least 20 emails from different sources about the OpenSSL vulnerability known as the Heartbleed bug.

It allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. More details about this (how to reproduce and fix) can be found here.

To check if your server is vulnerable, use this online tool.


At the end, in order to protect your server’s Linux OS, you need to do these few steps:

  1. Log in through SSH (you can use PuTTY from Windows) as root administrator
  2. Run “yum update” – this will update your OpenSSL
  3. You now need to restart all SSL-enabled services, and the easiest way is to restart your server. Use “shutdown -r now”
  4. After your server reboots itself, check if all is OK by typing (use PuTTY again): “rpm -q --changelog openssl-1.0.1e | grep -B 1 CVE-2014-0160” and you should get something like this: “Mon Apr 12 2014 Tomaž Mraz <tmraz@redhat.com> 1.0.1e-16.7”

I would like to thank Michael Photakis, Eric Delorme and Stephen Chaffins from the CPanel team for their excellent support.

Happy sleeping.
