Amarillo, TX November 8, 2005 - BRICKServer users should rest easy knowing their web servers are safe from the latest Linux worm.
According to Symantec, the Lupper worm affects key Linux web server distributions. Once infected, it is recommended the web server be completely reinstalled because of all the impending damage.
BRICKServer utilizes Process-Based Security (PBS), a proactive security approach implemented into the operating system. PBS prevents the execution of any arbitrary code allowing IT Professionals focus on other important duties, instead of reinstalling their web server.
Vincent Larsen, President and CTO of SAGE, Inc., explains below, how the BRICKServer protects against the Lupper worm and any future ones like it.
· The BRICKServer cannot write anywhere in the system or execute anything outside of CGI scripts. If a variant were found that worked against the web server, it would be safe, since our web server cannot write to disk (OS enforced). This specific exploit worked based on CGIs, but our CGIs can only write to cgi-data (OS enforced) and nothing can execute from cgi-data (OS enforced). In addition, our CGIs can only execute other CGIs in cgi-bin (OS enforced).
· The exploit also requires the execution of "shell" commands. We do not have a shell on our system. A shell cannot be put on our system and executed (OS enforced). Any commands that the shell might additionally try to execute are also not on our system (and could not be added [OS enforced]).
“SAGE offers a secure, yet simple solution eliminating the constant annoyance of defending and patching your web server”, said Vincent Larsen. “It is time that IT Professionals understand there is an alternative way of protecting a web server from malicious code, a BRICKServer”.
About SAGE, Inc.
SAGE Inc. is a technology leader in web appliance security providing businesses with secure operating system solutions. Located on the web at www.sage-inc.com.
Thank you for the feedback