Thursday, September 25, 2014

Bash Vulnerability Part 3

Earlier today, I wrote a quick blog post about detecting exploit attempts for this new Bash Vulnerability:

As mentioned in an update to that blog post, Seth Hall wrote a ShellShock detector for Bro that detects successful exploitation (not just an attempt):

I've added these Bro scripts to our securityonion-bro-scripts package and submitted the package for testing:!topic/security-onion-testing/kOBEKrhKvTo

If you're not already a member of the security-onion-testing Google Group, please join the group and help us test this new package so we can get it released as quickly as possible.


Bro Notice for ShellShock::Exploit

Bro http.log showing ShellShock::HIT
UPDATE 20140926 14:12
Please see Part 4:

UPDATE 20140927 08:01
The updated securityonion-bro-scripts package has been released to our stable PPA:

No comments: