Saturday 27 September 2014

Shell command injection vulnerability in Bash



Bash or the Bourne again shell has vulnerabilities in the way it handles environment variables when it is invoked. Under some scenarios, network based remote attackers can inject shell script that can be executed on a system. This is also known as "ShellShock".



Products vulnerable to remote exploitation risks:

  • Junos Space is vulnerable in all versions.
  • JSA Series (STRM) devices are vulnerable in all versions.
  • NSM Appliances (NSM3000 and NSMExpress) are vulnerable in all versions.

Products with bash, but NOT affected by remote exploitation risks:

Our current assessment shows there is no risk of remote code execution on these products even though the products include bash. Scenarios required for known remote exploitation vectors do not exist on these products. As a precaution, bash in these products will be upgraded.
  • SSL VPN
  • UAC
  • CTPView
  • QFabric
  • DDOS Secure
  • JWAS
  • vGW
  • SRC
  • Junos Pulse Endpoint Profiler

Products NOT affected:

  • Junos OS is not vulnerable.
  • ScreenOS is not vulnerable.
  • JunosE is not vulnerable.
  • ADC is not vulnerable.
  • SRX-IDP is not vulnerable.
  • ISG-IDP is not vulnerable.
  • WX is not vulnerable.
  • MFC is not vulnerable.
at No comments:

Saturday 13 September 2014

JUNOS : Verifying Junos OS License Installation

Verify that the expected licenses are installed and active on the router or switch.
 
user@host> show system license
License usage: 
                   Licenses     Licenses    Licenses    Expiry
  Feature name         used    installed      needed 
  subscriber-acct         0            1           0    permanent
  subscriber-auth         0            1           0    permanent
  subscriber-addr         0            1           0    permanent
  subscriber-vlan         0            1           0    permanent
  subscriber-ip           0            1           0    permanent
  scale-subscriber        0         1000           0    permanent
  scale-l2tp              0         1000           0    permanent
  scale-mobile-ip         0         1000           0    permanent

Licenses installed: 
  License identifier: E000185416
  License version: 2
  Features:
    subscriber-acct  - Per Subscriber Radius Accounting
      permanent
    subscriber-auth  - Per Subscriber Radius Authentication
      permanent
    subscriber-addr  - Address Pool Assignment
      permanent
    subscriber-vlan  - Dynamic Auto-sensed Vlan
      permanent
    subscriber-ip    - Dynamic and Static IP
      permanent

Meaning

The output shows a list of the license usage and a list of the licenses installed on the router or switch. Verify the following information:
  • Each license is present. Licenses are listed in ascending alphanumeric order by license ID.
  • The state of each license is permanent.
at No comments:

Tuesday 2 September 2014

Junos Benefit

Junos operating system is a reliable, high-performance network operating system for routing, switching, and security. It reduces the time necessary to deploy new services and decreases network operation costs. Junos offers secure programming interfaces and the Junos SDK for developing applications that can unlock more value from the network.

Running Junos in a network improves the reliability, performance, and security of existing applications. It automates network operations on a streamlined system, allowing more time to focus on deploying new applications and services. And it's scalable both up and down—providing a consistent, reliable, stable system for developers and operators. Which, in turn, means a more cost-effective solution for your business.
 
SDN  
Path Computation Client (PCC): PCC is an SDN technology available on the MX Router Series. PCC enables network programmability to allow IT managers to dynamically create optimal paths including slices, overlays or virtual paths, to optimize on-demand bandwidth requirements.
 
Fusion
With Junos Fusion, service providers can reduce network complexity and operational costs by collapsing underlying network elements into a single, logical point of control from Juniper Networks® Junos routing platforms. Junos Fusion is fully interoperable with third-party solutions and is extensible to SDN control.


One Operating System reduces time and effort to plan, deploy, and operate network infrastructure.
 
One Release Train provides stable delivery of new functionality in a steady, time-tested cadence.
 
Modular Software Architecture provides highly available and scalable software that keeps up with changing needs.
at No comments:
Subscribe to: Posts (Atom)
loading...