And I'm supposed to be surprised
It's news and should be reported.
But, really, didn't we all see this coming when ElReg reported the original story yesterday?
This week Citrix tried to reassure everyone the 11 security flaws it just patched in its network perimeter products weren't all that bad. Well, we hope they're right because someone's scanning the internet looking for vulnerable installations. The sweeps could be made by researchers documenting at-risk organizations, or could …
An api that attempts to access what you ask it to? What's wrong with that? Shouldn't the file system be the thing that says "You don't have permission to look at that"?
The api should control who's allowed to call it, but it shouldn't be policing the file system.
It feels as though these days you'd be better off with a vanilla Linux distro at your perimeter.
Sure custom boxes are wizzy and fun, but even if they are 20% more efficient maybe spend more money on 20% better hardware. You should at least separate the physical box with 200 ethernet connections from the huge mass of unnecessary "features" that lives embedded in these things by default.
Even if there is no current exploit for a new vulnerability just published, pre-scanning the net with Masscan for possible targets gives you a fresh clean list to run an exploit against if one appears shortly after. Allowing to you mass pwn much faster when then time arises using your lean list of pre-fingerprinted targets and a potentially more complete list than Shodan.
Biting the hand that feeds IT © 1998–2021