Thursday, January 29, 2015

Glibc: GHOST Vulnerability Test To See If a Linux Sever Is Secure

                No comments   
The GHOST (CVE-2015-0235) is serious network function vulnerability in Glibc. How do I check and test if a my Linux based server is secure using command line options?

There are two methods to test and find out if your server or desktop powered by Linux is secure or not:
(a) A simple C test program for all Linux based servers (distro independent; generic method).


(b) A simple bash shell test program for RHEL or CentOS or Scientifc Linux server only.

Method #1: GHOST.C Glibc Vulnerability Test C Program

Type the following wget command to download GHOST.C on a Linux based system:
wget https://webshare.uchicago.edu/orgs/ITServices/itsec/Downloads/GHOST.c
## OR
wget -O GHOST.c https://gist.githubusercontent.com/koelling/ef9b2b9d0be6d6dbab63/raw/de1730049198c64eaf8f8ab015a3c8b23b63fd34/gistfile1.c
 
Compile it:
gcc -o GHOST GHOST.c
Test i:
./GHOST
Sample outputs:
Fig. 01: GHOST.c bug: A simple way to test if Linux system is secure or not
Fig. 01: GHOST.c bug: A simple way to test if Linux system is secure or not

Method #2: GHOST-test.sh Vulnerability Test Bash Script

Visit this url to download a script (or grab it here). You need to have an account with RHN. The script tells whether your system is vulnerable or not. Run script as follows:
wget -O GHOST-test.sh http://www.cyberciti.biz/files/scripts/GHOST-test.sh.txt
bash GHOST-test.sh
 
Sample outputs:

Fig.02: Fig.02: GHOST-test.sh output on a RHEL/CentOS based system
Fig.02: Fig.02: GHOST-test.sh output on a RHEL/CentOS based system

0 comments:

Post a Comment