• Register

SAGE First In The News

  • BrickServer's Default-Deny Prevents Lupper Web Server Worm


    Amarillo, TX November 8, 2005 - BRICKServer users should rest easy knowing their web servers are safe from the latest Linux worm.

    According to Symantec, the Lupper worm affects key Linux web server distributions. Once infected, it is recommended the web server be completely reinstalled because of all the impending damage.

    BRICKServer utilizes Process-Based Security (PBS), a proactive security approach implemented into the operating system. PBS prevents the execution of any arbitrary code allowing IT Professionals focus on other important duties, instead of reinstalling their web server.

    Vincent Larsen, President and CTO of SAGE, Inc., explains below, how the BRICKServer protects against the Lupper worm and any future ones like it.

    · The BRICKServer cannot write anywhere in the system or execute anything outside of CGI scripts. If a variant were found that worked against the web server, it would be safe, since our web server cannot write to disk (OS enforced). This specific exploit worked based on CGIs, but our CGIs can only write to cgi-data (OS enforced) and nothing can execute from cgi-data (OS enforced). In addition, our CGIs can only execute other CGIs in cgi-bin (OS enforced).

    · The exploit also requires the execution of "shell" commands. We do not have a shell on our system. A shell cannot be put on our system and executed (OS enforced). Any commands that the shell might additionally try to execute are also not on our system (and could not be added [OS enforced]).

    “SAGE offers a secure, yet simple solution eliminating the constant annoyance of defending and patching your web server”, said Vincent Larsen. “It is time that IT Professionals understand there is an alternative way of protecting a web server from malicious code, a BRICKServer”.

    About SAGE, Inc.
    SAGE Inc. is a technology leader in web appliance security providing businesses with secure operating system solutions. Located on the web at

    Created on 01/31/2013 in SAGE First Inc. News

    Was this helpful?

Process-Based Security

SAGE Ad Graphic

Secure Web Server Appliance


  • Pre-configured with Web, email and FTP servers
  • Secure Remote Administration
  • Process-Based Built-in Security Policy
  • Worry-free maintenance
  • Hardened Operating System
  • Supports SSL, SSI, PHP, PERL PYTHON, & TCL
  • Supports MY SQL, PostgreSQL and SQL Libraries
  • Multi-domain Hosting, Virtual IP
  • Backup

Industrial Automation Firewall

Firewall AD Graphic


  • Mac Address Limiting
  • Port Management
  • Detection and Rejections of DOS Attacks
  • Protection from Viruses, Trojans and Common Cyber Attacks
  • Secure Your Ethernet Enabled Control System Devices (PLCs, RTUs, IEDs)
  • Physically Hardened
  • Secure, Cyber-Hardened Operating System
  • Protect Your End Devices Against Viruses, Worms, Trojans, Malware and Common Cyber Penetration Attacks
  • Transparent In-Line PLC Firewall and Communications Filter


Process-Based Security

PBS Ad Graphic