{"id":9963,"date":"2013-01-24T10:10:08","date_gmt":"2013-01-24T18:10:08","guid":{"rendered":"http:\/\/www.intego.com\/mac-security-blog\/?p=9963"},"modified":"2013-01-24T10:10:08","modified_gmt":"2013-01-24T18:10:08","slug":"barracuda-appliances-found-to-have-a-secret-backdoor","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/","title":{"rendered":"Barracuda Appliances Found to Have a Secret Backdoor"},"content":{"rendered":"<p>When you buy a security appliance, the last thing you expect is to have a backdoor baked into the product intentionally. But that\u2019s <a href=\"http:\/\/krebsonsecurity.com\/2013\/01\/backdoors-found-in-barracuda-networks-gear\/\">exactly what\u2019s been discovered<\/a> in a wide variety of <a href=\"https:\/\/www.barracudanetworks.com\/\">Barracuda<\/a>\u2019s network appliance products.<\/p>\n<p>A security researcher with SEC Consult recently discovered that these appliances could be accessed by accounts created by Barracuda, from a range of IP addresses (including hundreds outside Barracuda\u2019s control), without having to provide authentication. According to Barracuda, these accounts are intended for use by remote technical support. They have <a href=\"https:\/\/www.barracudanetworks.com\/support\/techalerts\">released an update<\/a> for the affected appliances that tightens the security of most of these support accounts, but it does not remove or secure them entirely.<\/p>\n<p>These remote-support accounts can still be accessed by IP addresses in ranges not entirely controlled by Barracuda, which also puts these IP addresses at additional risk of hacking by those seeking to gain access to these vulnerable appliances. It is advisable for users of affected Barracuda appliances to update their security definitions to v2.0.5 as soon as possible. Some people are also <a href=\"http:\/\/www.theregister.co.uk\/2013\/01\/24\/barracuda_backdoor\/\">recommending to block port 22<\/a> on the firewall, though many will find this measure problematic.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>When you buy a security appliance, the last thing you expect is to have a backdoor baked into the product intentionally. But that\u2019s exactly what\u2019s been discovered in a wide variety of Barracuda\u2019s network appliance products. A security researcher with SEC Consult recently discovered that these appliances could be accessed by accounts created by Barracuda, [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":9967,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[5],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"When you buy a security appliance, the last thing you expect is to have a backdoor baked into the product intentionally. But that\u2019s exactly what\u2019s been\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Barracuda Appliances Found to Have a Secret Backdoor - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"When you buy a security appliance, the last thing you expect is to have a backdoor baked into the product intentionally. But that\u2019s exactly what\u2019s been\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2013-01-24T18:10:08+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/barracuda-networks-thumb.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"400\" \/>\n\t<meta property=\"og:image:height\" content=\"260\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Lysa Myers\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/barracuda-networks-thumb.jpg\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/barracuda-networks-thumb.jpg\",\"width\":\"400\",\"height\":\"260\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/\",\"name\":\"Barracuda Appliances Found to Have a Secret Backdoor - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/#primaryimage\"},\"datePublished\":\"2013-01-24T18:10:08+00:00\",\"dateModified\":\"2013-01-24T18:10:08+00:00\",\"description\":\"When you buy a security appliance, the last thing you expect is to have a backdoor baked into the product intentionally. But that\\u2019s exactly what\\u2019s been\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Barracuda Appliances Found to Have a Secret Backdoor\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/12b11624d5a648c576d8dce6f93b230a\"},\"headline\":\"Barracuda Appliances Found to Have a Secret Backdoor\",\"datePublished\":\"2013-01-24T18:10:08+00:00\",\"dateModified\":\"2013-01-24T18:10:08+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/#webpage\"},\"wordCount\":200,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/barracuda-networks-thumb.jpg\",\"articleSection\":[\"Security News\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/#respond\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/12b11624d5a648c576d8dce6f93b230a\",\"name\":\"Lysa Myers\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/783af524dca7753ceb3cd9a576398a0e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/783af524dca7753ceb3cd9a576398a0e?s=96&d=mm&r=g\",\"caption\":\"Lysa Myers\"},\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/lysam\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"When you buy a security appliance, the last thing you expect is to have a backdoor baked into the product intentionally. But that\u2019s exactly what\u2019s been","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/","og_locale":"en_US","og_type":"article","og_title":"Barracuda Appliances Found to Have a Secret Backdoor - The Mac Security Blog","og_description":"When you buy a security appliance, the last thing you expect is to have a backdoor baked into the product intentionally. But that\u2019s exactly what\u2019s been","og_url":"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/","og_site_name":"The Mac Security Blog","article_published_time":"2013-01-24T18:10:08+00:00","og_image":[{"width":"400","height":"260","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/barracuda-networks-thumb.jpg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_misc":{"Written by":"Lysa Myers","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/#primaryimage","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/barracuda-networks-thumb.jpg","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/barracuda-networks-thumb.jpg","width":"400","height":"260"},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/","name":"Barracuda Appliances Found to Have a Secret Backdoor - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/#primaryimage"},"datePublished":"2013-01-24T18:10:08+00:00","dateModified":"2013-01-24T18:10:08+00:00","description":"When you buy a security appliance, the last thing you expect is to have a backdoor baked into the product intentionally. But that\u2019s exactly what\u2019s been","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"Barracuda Appliances Found to Have a Secret Backdoor"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/12b11624d5a648c576d8dce6f93b230a"},"headline":"Barracuda Appliances Found to Have a Secret Backdoor","datePublished":"2013-01-24T18:10:08+00:00","dateModified":"2013-01-24T18:10:08+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/#webpage"},"wordCount":200,"commentCount":0,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/#primaryimage"},"thumbnailUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/barracuda-networks-thumb.jpg","articleSection":["Security News"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.intego.com\/mac-security-blog\/barracuda-appliances-found-to-have-a-secret-backdoor\/#respond"]}]},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/12b11624d5a648c576d8dce6f93b230a","name":"Lysa Myers","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/783af524dca7753ceb3cd9a576398a0e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/783af524dca7753ceb3cd9a576398a0e?s=96&d=mm&r=g","caption":"Lysa Myers"},"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/lysam\/"}]}},"jetpack_featured_media_url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/barracuda-networks-thumb.jpg","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-2AH","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/9963"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=9963"}],"version-history":[{"count":4,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/9963\/revisions"}],"predecessor-version":[{"id":9975,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/9963\/revisions\/9975"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media\/9967"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=9963"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=9963"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=9963"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}