Another not cloudy but brilliant morning to wake up to. It might be summer somewhere. But I don’t need a clock radio. Instead, I consume news from around the world at breakfast or on the way to some office.
But “I Got You Babe” seems to be playing everywhere. Clearly, I am not actually in a loop, but I don’t lose the feeling that I am in one. And Malcolm Tucker is the narrator.
The loop today is CVE-2016-7032. “Oh, not again,” I think to myself – what a wonderful world.
Time for a little destruction. Let’s play “I have Tripwire Enterprise and I know what I am doing”.
Let’s see what cvedetails.com has on offer for today’s pick from the IT security entertainment circuit. All the mainstream news outlets, who couldn’t fill their pages with profanity about D-list celebrities, must write or copy something.
The threat is real, so I decide to translate what I learned about CVE-2016-7032 into a bit of a digital mystery to see what the day has on offer.
The actual problem is not very complicated and only requires some tests to see where a vulnerable “sudo” version is installed. Thanks to widely available information about vulnerabilities, it is easy to determine what I am looking for.
Among other clever things, Tripwire Enterprise is what we have and what we do. And it takes me maybe 5 minutes to have all I need in place to run a test against hundreds of servers or more.
Reports and charts were sent out 15 minutes later, and a concerned customer (I am on site) now knows exactly what to do and, most importantly, where to do it.
We decided to leave things in place, to continuously monitor the environment, and to put alerts in place if someone deploys another vulnerable Linux server. Just in case.
Tomorrow morning, I will wake up to the next CVE. And no clock radio plays “I Got You Babe” – again.
It is not a question of if but when it will hit you. A bit of control is better than remorse.