AlgoBuzz Blog

Everything you ever wanted to know about security policy management, and much more.


Barracuda Backdoor Highlights Importance of Configuration Compliance

At the end of last week, SEC Consult Vulnerability Lab issued a security advisory for several Barracuda Networks devices regarding an undocumented backdoor in the firmware. The backdoor enables an attacker to gain administrative rights to the appliances by connecting via SSH from certain ranges of public IP addresses and logging in with a pre-defined username and password. While Barracuda quickly released a patch for this vulnerability, the incident underscores the importance of defining and reporting on baseline security device configurations.

“…You lying so low in the weeds

I bet you gonna ambush me…”

– Lyrics from Heart’s Barracuda

Implementing the right security tools and policies is certainly important when it comes to defending the network, but if your devices are out of date or improperly configured, your network may be exposed to greater risk of a cyber-attack. Attackers search for holes in the network – firewalls, routers, and other security devices – and exploit those gaps to penetrate defenses, which is why the SANS Institute lists network security device configurations as one of its Critical Controls (Critical Control #10).

Being able to run configuration checks on your security devices is a key method for minimizing your network’s attack surface. Some organizations run manual device configuration checks, but these are error-prone and add significant operational burden and cost. Whether it’s an out-of-date OS on a router or a backdoor, these configuration lapses give the bad guys an opening, so you should raise the priority of secure device configuration within your organization.

If you can automatically generate reports that compare device configurations to pre-defined baseline profiles developed from security best practices as well as your corporate policy, then you have taken the next step (and there are solutions out there to help with this). Automated configuration checks provide you with the necessary visibility and control to immediately identify and mitigate network device configuration risks – without putting a big strain on your IT resources.
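A baseline comparison of the kind described above can be sketched as follows. This is an added example, not code from the post or from any vendor. The device name, firmware versions, account names and address ranges are constructed, and it assumes the snapshot reflects the accounts and SSH source filters actually in effect on the device.

```python
import ipaddress

# Baseline profile (constructed): what best practice and corporate policy allow.
BASELINE = {
    "min_firmware": (2, 0, 5),
    "allowed_accounts": {"admin", "netops"},
    "ssh_allowed_sources": ["10.0.0.0/8", "192.168.50.0/24"],
}

# Device snapshot (constructed), as exported from a hypothetical appliance.
DEVICE = {
    "name": "fw-edge-01",
    "firmware": "2.0.4",
    "accounts": ["admin", "netops", "vendor-maint"],
    "ssh_sources": ["10.1.0.0/16", "203.0.113.0/24"],
}


def parse_version(text):
    """Turn '2.0.4' into (2, 0, 4) so versions compare numerically."""
    return tuple(int(part) for part in text.split("."))


def check_device(device, baseline):
    """Return a list of (kind, value) deviations from the baseline."""
    findings = []
    # Out-of-date firmware.
    if parse_version(device["firmware"]) < baseline["min_firmware"]:
        findings.append(("firmware", device["firmware"]))
    # Accounts that exist on the device but are not in the approved set.
    for account in sorted(set(device["accounts"]) - baseline["allowed_accounts"]):
        findings.append(("account", account))
    # SSH source ranges that are not fully contained in an approved range.
    allowed = [ipaddress.ip_network(n) for n in baseline["ssh_allowed_sources"]]
    for src in device["ssh_sources"]:
        net = ipaddress.ip_network(src)
        if not any(net.version == a.version and net.subnet_of(a) for a in allowed):
            findings.append(("ssh_source", src))
    return findings


if __name__ == "__main__":
    for kind, value in check_device(DEVICE, BASELINE):
        print(f"{DEVICE['name']}: {kind} deviates from baseline: {value}")
```
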

The moral of the story here: don’t make it easy for the bad guys to gain unauthorized access to your networks and information!
