How to Protect Your Server From the Shellshock Bash Bug

Atlantic.Net NOC
by Atlantic.Net (68posts) under HIPAA Disaster Recovery
0 Comments
Verified and Tested 02/17/2015

Introduction

This guide will cover how to check and fix your server if you are vulnerable to the Shellshock Bash bug.
The Shellshock Bash bug effects ‘nix based operating systems, which allows attackers to remotely run commands on the server gaining unauthorized access to the server and further exploiting the server.
This guide will show you how to test, and fix your server if it is vulnerable.

Is My System Vulnerable?

Run the following command:

env 'VAR=() { :;}; echo Bash is vulnerable!' 'FUNCTION()=() { :;}; echo Bash is vulnerable!' bash -c "echo Bash Test"

If you see the following in the output, your system is vulnerable to the Bash bug and it needs to be updated:

Bash is vulnerable!

Move to “System’s Vulnerable? No Worries.”

If you, instead, receive the following output:

Bash Test

This means, your system is secure and no further work is required.

System’s Vulnerable? No Worries.

The fix is simple, run the following command:

In CentOS/Fedora

yum update bash

In Debian/Ubuntu

sudo apt-get update && sudo apt-get install –only-upgrade bash

In FreeBSD

pkg upgrade bash

More from Atlantic.Net

Learn more about Atlantic.Net’s hosting solutions, including HIPAA compliant disaster recovery services.

Not sure what you need?

Get a free consultation today!

New York, NY

100 Delawanna Ave, Suite 1

Clifton, NJ 07014

United States

San Francisco, CA

2820 Northwestern Pkwy,

Santa Clara, CA 95051

United States

Dallas, TX

2323 Bryan Street,

Dallas, Texas 75201

United States

Ashburn, VA

1807 Michael Faraday Ct,

Reston, VA 20190

United States

Orlando, FL

440 W Kennedy Blvd, Suite 3

Orlando, FL 32810

United States

Toronto, Canada

20 Pullman Ct, Scarborough,

Ontario M1X 1E4

Canada

London, UK

14 Liverpool Road, Slough,

Berkshire SL1 4QZ

United Kingdom

Resources

We use cookies for advertising, social media and analytics purposes. Read about how we use cookies in our updated Privacy Policy. If you continue to use this site, you consent to our use of cookies and our Privacy Policy.