a new worm?

edited September 2014 in Help
I heard something about a "shellshock" worm that is working around to linux systems using a bash exploit. is there anything I need to do to keep my server safe from it?

Comments

  • Patch for this is already out. Well a partial patch anyway.

    https://access.redhat.com/articles/1200223
  • apt-get update and i had no output when i tryed that code to check if my server is vulnerable. Am using ubuntu 14.04
  • thank you, was able to update and get it fixed.
  • If I am not mistaken doesn't vultr have unattended security updates turned on by default.

    I am new and have only had a couple of test servers in operation. Noticed patches are being auto applied. Kind of scares me when kernels autopatch.


  • Here is the command for CentOS yum -y update bash nss
  • @nightshade am not sure, but would be nice to know this info from some vultr staff :)
  • Yes, we have unattended security updates enabled by default for Ubuntu and Debian. This is not the case for CentOS.

    However, for critical issues like this you should always make sure to check yourself.
  • edited September 2014
    There's been some confusion about my last post. To elaborate:

    On Debian and Ubuntu, we enable the operating system's built in unattended-upgrades functionality by default. You can disable this functionality if you don't want it.

    We are not editing your server to apply updates, this is just a feature of the operating system that we enable (similar to Windows automatic updates, which we also enable by default).
Sign In or Register to comment.