Blog

03/06/2019

Glibc: GHOST Vulnerability Test To See If a Linux Sever Is Secure



The GHOST (CVE-2015-0235) is serious network function vulnerability in Glibc. How do I check and test if a my Linux based server is secure using command line options?

There are two methods to test and find out if your server or desktop powered by Linux is secure or not:

(a) A simple C test program for all Linux based servers (distro independent; generic method). [donotprint][/donotprint]

(b) A simple bash shell test program for RHEL or CentOS or Scientifc Linux server only.

Method #1: GHOST.C Glibc Vulnerability Test C Program

Type the following wget command to download GHOST.C on a Linux based system:

wget https://webshare.uchicago.edu/orgs/ITServices/itsec/Downloads/GHOST.c
## OR
wget -O GHOST.c https://gist.githubusercontent.com/koelling/ef9b2b9d0be6d6dbab63/raw/de1730049198c64eaf8f8ab015a3c8b23b63fd34/gistfile1.c

Compile it:

gcc -o GHOST GHOST.c

Test i:

./GHOST

Sample outputs:

Fig. 01: GHOST.c bug: A simple way to test if Linux system is secure or not

Method #2: GHOST-test.sh Vulnerability Test Bash Script

Visit this url to download a script (or grab it here). You need to have an account with RHN. The script tells whether your system is vulnerable or not. Run script as follows:

wget -O GHOST-test.sh http://sxi.io/files/scripts/GHOST-test.sh.txt
bash GHOST-test.sh

Sample outputs:

Fig.02: Fig.02: GHOST-test.sh output on a RHEL/CentOS based system

What to do if my server is not secure or Vulnerable to the Ghost attack?

See this tutorial page for securing your server by applying patches to glibc.

This entry is 1 of 2 in the Linux GHOST Glibc Critical Security Vulnerability series. Keep reading the rest of the series:
  1. Check Ghost Vulnerability Test Programs
  2. Secure and Patch Your Linux Server For Ghost Bug

Posted by: SXI ADMIN

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

14/08/2019

How to KVM, QEMU start or stop virtual machine from command line (CLI)

KVM or Kernel Based Virtual Machine is a popular virtualization technology. It allows you to run virtual guest machines over a host machine. To start...
14/08/2019

How to Docker backup Saving and restoring your volumes

Running a Docker volume backup First, we spin up a temporary container, and we mount the backup folder and the target Docker volume to this container....
12/08/2019

How to Start and Enable Firewalld on CentOS 7

In this article, we discuss how to start and enable firewalld. It is highly recommended that you have a firewall protecting your server.Pre-Flight CheckThese...