AlgoBuzz Blog

Everything you ever wanted to know about security policy management, and much more.

Search
Generic filters
Exact matches only
Search in title
Search in content
Search in excerpt
Search in comments
Filter by Custom Post Type
Posts

Barracuda Backdoor Highlights Importance of Configuration Compliance

by

At the end of last week, SEC Consult Vulnerability Lab issued a security advisory for several Barracuda Networks devices regarding an undocumented backdoor in the firmware that enables an attacker to gain administrative rights to the appliances via SSH from certain ranges of public IP addresses and logging in with a pre-defined
username and password. While Barracuda quickly released a patch for this vulnerability, this raises the importance of defining and reporting on baseline security device configurations.

“…You lying so low in the weeds

I bet you gonna ambush me…”

– Lyrics from Heart’s Barracuda

Implementing the right security tools and policies are certainly important when it comes to defending the network, but if your devices are out of date or improperly configured, your network may be exposed to greater risk of a cyber-attack. Attackers search for holes in the network – firewalls, routers, and other security devices – and exploit those gaps to penetrate defenses, which is why the SANS Institute lists network security device configurations as one of its Critical Controls (Critical Control #10).

Being able to run configuration checks on your security devices is a key method for minimizing your network’s attack surface. Some organizations run manual device configuration checks, but these are error-prone and add significant operational burden and cost. Whether its an out-of-date OS on a router or a backdoor, these configuration lapses give the bad guys an opening, so you should raise the level of priority of secure device configuration within your organization.

If you can automatically generate reports that compare device configurations to pre-defined baseline profiles developed from security best practices as well as your corporate policy, then you have taken the next step (and there are solutions out there to help with this). Automated configuration checks provide you with the necessary visibility and control to immediately identify and mitigate network device configuration risks – without putting a big strain on your IT resources.

Morale of the story here is don’t make it easy on the bad guys to gain unauthorized access to your networks and information!

Subscribe to Blog

Receive notifications of new posts by email.