Ghost - glib

Discussion in 'Business & Enterprise Computing' started by lavi, Jan 28, 2015.

  1. lavi

    lavi Member

    Joined:
    Dec 20, 2002
    Messages:
    4,003
    Location:
    Brisbane
  2. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    12,698
    I'll just link the other thread so the same arguments don't get rehashed for the 9000th time :)...


    Its got a cool name... its on Reddit... cue News.Com.Au having a 'world is ending' article up about it in the next 3 hours.
     
  3. OP
    OP
    lavi

    lavi Member

    Joined:
    Dec 20, 2002
    Messages:
    4,003
    Location:
    Brisbane
    if news.com.au don't involve ISIS with it then what's the point?
     
  4. mjunek

    mjunek Member

    Joined:
    Apr 1, 2003
    Messages:
    832
    Location:
    Ashfield, Sydney
    Spent the morning patching my servers :-/
    I wonder how many of the "propriatary" linux based systems I'm running have the bug also :(
     
  5. phreeky82

    phreeky82 Member

    Joined:
    Dec 10, 2002
    Messages:
    9,462
    Location:
    Townsville
    Personal stuff patched, hopefully it's not one that needs additional patching any time soon. Thankfully somebody else at work looks after this stuff, but I'd be surprised if anything but external-facing systems are touched for some time.
     
  6. tin

    tin Member

    Joined:
    Jul 31, 2001
    Messages:
    6,410
    Location:
    Narrabri NSW
    I always wonder that too. I know our camera recorder at work is vulnerable to heartbleed and various other OpenSSL bugs. I also know the chances of a patch are zero - it doesn't even have a model number, let alone a manufacturer (got it off eBay of course:D).
     
  7. PabloEscobar

    PabloEscobar Member

    Joined:
    Jan 28, 2008
    Messages:
    12,698
    The 'internet of things' is going to be a scary place.
     
  8. Daemon

    Daemon Member

    Joined:
    Jun 27, 2001
    Messages:
    5,403
    Location:
    qld.au
    For anyone digging deep into this bug, it's serious but no where near as exploitable as it's being made out to be. If you read the Qualys report on it, they have an Exim POC but it requires a non standard config (albeit a common one).

    They also analysed a number of common systems with TCP access and found the following NOT to be vulnerable:

    apache, cups, dovecot, gnupg, isc-dhcp, lighttpd, mariadb/mysql,
    nfs-utils, nginx, nodejs, openldap, openssh, postfix, proftpd,
    pure-ftpd, rsyslog, samba, sendmail, sysklogd, syslog-ng, tcp_wrappers,
    vsftpd, xinetd.

    Obviously the easy way is to patch and reboot to ensure everything is protected, but at least the likelihood of exploit is low than first thought.
     
  9. OP
    OP
    lavi

    lavi Member

    Joined:
    Dec 20, 2002
    Messages:
    4,003
    Location:
    Brisbane
    we did 380 something servers last nigh ... being a zombie today is an understatement
     
  10. tin

    tin Member

    Joined:
    Jul 31, 2001
    Messages:
    6,410
    Location:
    Narrabri NSW
    It already is - I think Philips set the standard for IoT security with their early internet light bulbs.
     
  11. scrantic

    scrantic Member

    Joined:
    Apr 8, 2002
    Messages:
    1,690
    Location:
    3350
    And various "Smart" TV manufacturers.
     

Share This Page