Image Post

A Sudden concern with Shellshock

Unfortunately September has brought with it another far reaching computer exploit. Remember Heartbleed, the OpenSSL exploit from earlier this year? Heartbleed was one of the furthest reaching exploits/virus/trojan/etc. we’ve ever seen on the internet; Shellshock is shaping up to be even scarier.  Here at Sudden Technologies, we’re taking swift action to make sure our customers are protected against this exploit.

With Shellshock having been only in the wild since Tuesday September 24th, there are already countless security specialists and tech reporters posting stories regarding the exploit.

We’ve found that most of these posts are extremely technical and probably pretty difficult for most people to understand, so we at Sudden want to try to help our readers and customers out with a simplified explanation of both the exploit as well as how you can protect yourself. Troy Hunt has a comprehensive technical breakdown of the issue if you want to read more.

So what is it?

Firstly, and briefly what is Bash? For those not overly versed in Linux/Unix Bash is one of many possible shells which can execute commands against the Linux kernel (think Windows command prompt versus Windows Powershell). As a command line user interface, the shells are ultimately a scripting interface as well. This is where the problem comes in to play.

Secondly what is Shellshock? Shellshock is an exploit that allows for remote code execution, meaning an attacker can send commands to a vulnerable server and they will execute on that server. Remote code execution is a common way for hackers to attempt to gain control over websites/servers/databases/etc. The example detailed on TroyHunt.com shows code like this:

http-header = Host:() { :; }; ping -c 3 209.126.230.74

Simply put, what is being done in the above line of code is the attacker is using an http request to make the server do something other than return a webpage (in this example ping another computer). So rather than sending an http request to a web server and it sending you back a picture, some text or a video, the attacker instead can make the server do their bidding.

Why is it bad?

There are 2 main reasons this exploit is so bad. The scale of the exploit and the control that is gained when an attacker makes use of the exploit.

While Windows may still dominate the desktop computer market, Linux is still the dominant force on the internet with the Open Source Apache Web Server running over 50% of the webservers on the internet. The scale of this exploit is potentially as vast as that of Heartbleed.

The level of control and access an attacker can get on compromised systems makes matters potentially much worse than Heartbleed. The level of control gained can be equated on the Windows side of things to giving a hacker control of your mouse and keyboard.

They can do destructive things like:

  • Delete files
  • Shut down servers
  • Attack other servers which may be only accessible from the compromised web server

Or they can steal all kinds of data by having the server backup flies, databases, etc. to a public file share. For instance:

  • Corporate data
  • Usernames and Passwords
  • Customer Financial data

So, what is Sudden doing about it?

Since the news regarding Shellshock broke, we at Sudden have been working with our customers and partners to reduce customer risk.

Working with customers, we have taken steps to isolate affected systems to prevent them from being compromised while countermeasures are developed.

We have worked closely with our security partner Fortinet to develop IPS signatures which can block the exploit from reaching affected systems. As of the writing of this post, Fortinet has released an IPS signature update to protect customers’ systems.

https://blog.fortinet.com/post/shellshock-faq

As patches are released by vendors we will ensure customer systems which have been affected will be patched against Shellshock immediately.

How do I know if this affects me and how do I protect against it?

As you may already have read, there is a simple way to check if your Linux based system is affected by the exploit. Simply login to your Linux terminal and run a command similar to this:

env X="() { :;} ; echo Hackable" bash -c "echo Server"

If your server has already been patched and is not vulnerable, you will see:

bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x’
Server

 

But if you are at risk, you’ll see this:

 

   Hackable

    Server

 

Deploy IPS, Patch your servers, Run and hide

If you have the ability, e.g. if you are a Fortinet customer with a Fortigate firewall protecting your servers, ensure you update your IPS signatures, right away. If you’re not a Fortinet customer, check with your security/firewall provider.

The commonly used distros of Linux are working quickly to get updated versions of Bash out to customers. Here are some links and the commands needed to update some of the most common distros:

o    yum update bash-4.1.2-15.el6_5.1
o    sudo apt-get update && sudo apt-get install --only-upgrade bash
o    yum-yupdate bash

Many of the more niche distros of Linux and devices like embedded appliances will take longer to patch, in the meantime, run and hide. Do everything you can to isolate access to these systems from the internet. Ideally make them totally unavailable from the internet; if your business can’t suffer such an outage and is willing to risk breaches like Target or Home Depot, limiting access to only allow trusted parties to access them might be an interim solution.

 

Image Post

We Are Hiring an Inside Sales Rep!

SUDDEN is Hiring!

Inside Sales Representative

Summary

The Inside Sales Representative is responsible for selling corporate products and services. The successful candidate will have excellent telephone sales and communication skills.  These tasks regularly put the Inside Sales Rep in direct contact with the client, therefore a strong awareness and appreciation for customer service is mandatory.

If successful, this Inside Sales candidate has the potential to become an Outside Sales Rep.

Responsibilities

  • Position and sell SUDDEN’s full range of IT solutions and services to new and existing clients either independently or as part of a larger account team
  • Partner with sales team to develop and maintain excellent customer relationships in order to increase sales.
  • Identify and leverage manufacturer and supplier resources to help facilitate customer requirements
  • Enter accurate client information into CRM database in a timely manner.
  • Follow up on leads and client inquiries
  • Gather information on client business requirements in order to propose best-fit technology solutions
  • Research and understand technology solution and product options
  • Maintain a strong understanding of vendor pricing programs
  • Provide quotes to clients
  • Complete sale and receiving process to ensure order is ready to be invoiced.
  • Complete manufacturer sales training and certifications as requested
  • Maintain ongoing relationships and look for opportunities to grow relationships with assigned accounts
  • Ability to think strategically and create links between business direction and specific solutions
  • Report periodically on activity and performance.
  • Ability to work independently, as well as within a team

Reporting Relationship

  • Insides Sales Reps report to the Manager of Inside Sales & Operations with indirect reporting to Vice President of Sales

Requirements

  • Minimum 2 years relevant sales experience is required
  • Experience in the sale of IT related solutions is preferred
  • Relevant post-secondary education is highly desirable
  • Demonstrate a high degree of motivation, professionalism and work competence
  • Excellent organizational skills and attention to detail
  • Strong written and verbal communication skills
  • Some warehouse experience is an asset
  • Must be computer literate and familiar Microsoft Office

How to Apply

Please submit your resume to careers@sudden.ca

Image Post

SUDDEN Supports The Children’s Foundation Volleyball Tournament

SUDDEN is proud to support The Children’s Foundation’s Volleyball Tournament in order to raise money and awareness to improve the lives of children in our community.  Volunteers collected donations and assembled teams to take part in the volleyball game.

Click here to learn more about The Children’s Foundation.

 

 

Image Post

SUDDEN Technologies to Attend the 14th Annual Healthcare Summit in Kelowna June 26-27

SUDDEN is thrilled to be a sponsor for the Annual Healthcare Summit in Kelowna, BC. Look for SUDDEN with our partners EMC and VMware at the coffee seminars during the morning breaks.  SUDDEN provides extensive IT support for the Healthcare Industry in BC.  Our clients include Health Shared Services BC and Vancouver Coastal Health Authority so please contact us with any questions regarding IT in the Healthcare field.

About the Conference

Held in Kelowna, British Columbia, Canada, the 14th Annual Healthcare Summit is a forum that allows Canadian healthcare officials, senior policy makers, and the private sector to meet and discuss the ways in which government transforms the quality healthcare delivery arena to produce effective and efficient solutions.

This conference brings together many of the best subject matter experts in the field to share case studies, cutting edge policy, programs, research and technologies aimed at successful collaboration within shared services and the healthcare industry. It also provides sponsoring companies the opportunity to showcase their newest products and latest innovations.

Is the Conference Right for You?

If you are part of the following audience, the Summit would be beneficial for you to attend:

  • Federal, provincial and regional healthcare officials
  • Senior policy makers
  • Intelligence and technology officials
  • Academics
  • Healthcare professionals

To learn more about the conference please visit their website

We look forward to seeing you in Kelowna!

Image Post

The Results Are In! SUDDEN Has Made the CDN’s Top 100 Solution Providers of 2013

Congratulations to everyone at SUDDEN who worked so hard to increase our ranking in the CDN Top 100 Solution Providers of 2013!

Since 1985, the CDN has been the leading information source for Canadian IT solution providers. CDN is Canada’s national digital news-magazine and Web site designed to provide VARs, system integrators, system builders, ISVs and retailers with the most comprehensive coverage of news, events and issues in the IT channel.

To read the full list of Solution Providers, click here

Image Post

Moonshine Tasting with SUDDEN and Veeam

One of our best events yet was Moonshine Tasting with Veeam!  A stunning venue, excellent Moonshine host and short, interesting presentations by SUDDEN and Veeam made for a great evening.  Presentations covered SUDDEN’s Cloud Services and Veeam’s Backup and Replication v7.

Check out the photos!

WordPress Appliance - Powered by TurnKey Linux