LANGuardian cannot detect vulnerable systems on the network as the Bash version is not advertised in network conversations.What you need to know about LANGuardian and heartbleed
LANGuardian is not susceptible to this vulnerability. Based on currently available information, LANGuardian is not vulnerable to Shellshock exploit attempts. Users do not need to take any action with LANGuardian and LANGuardian systems do not require a software update.
Netfort will issue an update for LANGuardian in due course that upgrades Bash to latest recommended versions in accordance with good practice.
How can LANGuardian be used to manage the situation?
We have updated the LANGuardian IDS ruleset today to include some new Bash rules which include the wording CVE-2014-6271. The new rules are enabled by default. If you are running LANGuardian version 12 or higher and IDS ruleset version Thu Sep 25 11:42:35 IST 2014 you should have access to some new signatures to detect exploit attempts.
One of the key Security analysis reports on the LANGuardian is called "Security :: By Signature". Run this report to see if there have been any of these events triggered. Go to our forum and you'll see the full list of today's LANGuardian IDS updates.
Netfort will distribute any further valid IDS signatures as they become available.
And of course, please contact us if you have any further questions about this bug or about LANGuardian in general.
Be the first to post a reply!