Shellshock

[maccabbi]

Whats the best way to patch bash on unraid 5.0.5?

 

 

[darkside40]

Easiest way would be a 5.0.6 Version and hopefully it comes quickly because unRaid is affected.

 

[lallhands]

Is there any way to lock down a system in the mean time to help restrict access from a worm attack?

[JonathanM]

Unraid is not meant to be directly exposed to the internet anyway. It should have a private ip, and there should be no ports forwarded to unraids address in your router, unless you know exactly what you are doing, in which case you can patch bash yourself.

[sureguy]

Unraid is not meant to be directly exposed to the internet anyway. It should have a private ip, and there should be no ports forwarded to unraids address in your router, unless you know exactly what you are doing, in which case you can patch bash yourself.

 

This makes the assumption that all the people that will ever connect to the network that unRAID is on will have good intentions, which is not a good thing to assume.

[JonathanM]

Unraid is not meant to be directly exposed to the internet anyway. It should have a private ip, and there should be no ports forwarded to unraids address in your router, unless you know exactly what you are doing, in which case you can patch bash yourself.

 

This makes the assumption that all the people that will ever connect to the network that unRAID is on will have good intentions, which is not a good thing to assume.

Unraid is not hardened, at all. It shouldn't be on a publicly accessible network segment, period. If you can't trust the people in your household not to hack your server, you have other issues besides technology.

 

Now, if you are a networking professional, and have experience with evaluating network security and such, it's a different matter, and as I said, you can do all the necessary and prudent things to allow public access to specific parts of an unraid box.

 

If you are asking how to patch bash, you shouldn't be putting your unraid box in an environment where it could be hacked because you don't have the knowledge to evaluate the other risks. I'm not trying to be a jerk, and I'm sorry if you take it that way, I'm just trying to keep people's data safe.

[darkside40]

That unRaid uses Telnet without authentification says it all.

 

Nevertheless the bug in bash is serious and should be patched asap with a new version of unRaid. Doesn't matter if the server is accessible to the public or not. Period.

[jumperalex]

But it does make me even happier to be using a VM for torrents and plex that way my router points at the VM IP and not unRaids IP. And Arch VM already has the newest (read 2nd) Bash patch in the repo.

[WeeboTech]

This bug has been around for a very long time. As far as I've read.

The vulnerability affects versions 1.14 through 4.3 of GNU Bash.

 

The issue is that script kiddies will attempt to use it as a method to gain entry.

All devices that have used linux, bash and accept user input are candidates.

 

While later versions of slackware have pre-compiled patched bash packages, It seems the unRAID slackware version does not.

Maybe someone knows of a location for a patched & compiled slackware bash package.

[WeeboTech]

More reading here.

http://www.symantec.com/connect/blogs/shellshock-all-you-need-know-about-bash-bug-vulnerability-0

[eroz]

Maybe someone knows of a location for a patched & compiled slackware bash package.

Is this it?  http://packetstormsecurity.com/files/128406/SSA-2014-267-01.txt

[WeeboTech]

That looks to be it. Thanks!

[lallhands]

Unraid is not meant to be directly exposed to the internet anyway. It should have a private ip, and there should be no ports forwarded to unraids address in your router, unless you know exactly what you are doing, in which case you can patch bash yourself.

 

This makes the assumption that all the people that will ever connect to the network that unRAID is on will have good intentions, which is not a good thing to assume.

 

I'm less worried about people trying to connect at all. If you have a device that is exposed to the Internet (i.e. router) that gets infected, it could automatically propagate with a worm. This is why it is important to patch.

[WeeboTech]

Unraid is not meant to be directly exposed to the internet anyway. It should have a private ip, and there should be no ports forwarded to unraids address in your router, unless you know exactly what you are doing, in which case you can patch bash yourself.

 

This makes the assumption that all the people that will ever connect to the network that unRAID is on will have good intentions, which is not a good thing to assume.

 

I'm less worried about people trying to connect at all. If you have a device that is exposed to the Internet (i.e. router) that gets infected, it could automatically propagate with a worm. This is why it is important to patch.

 

 

That's my concern also.

[jumperalex]

For those running dd-wrt on their routers, this should be relevant.

 

http://www.dd-wrt.com/phpBB2/viewtopic.php?p=919362