We have now upgraded both our clusters.
I had never even done it myself, but it wasn’t too bad.
It took – with reading release notes – an hour of work, including making backups.
The upgrade is 1 command, 5 minutes waiting, a force failover and then another 5 minutes for the other.
Impact: the VDIs of home workers stuttered for a few seconds, apps that run via the load balancers also frozen for 4 seconds. And that for a large environment.
Both – for this one time – even during the day.
Ie Impact was very acceptable, most users probably won’t even have noticed!
So how much work?
Furthermore, we performed the FireEye bash check script from 2 days ago on all nodes.
Recommended for all managers and consultants:
This comprehensive script checks for very
many things that together give an almost conclusive indication of whether your Netscaler has been (or was) !!
strange XML files, incorrect entries in the crontab, evidence in the most important log files, etc.
Download the bash file
https://github.com/citrix…er-CVE-2019-19781-v1.0.sh
Put it with winscp in / tmp or something
(You do not have to download the zipfile shown on github, the content is included in the bash script, but the operation is identical.
Login with ssh as nsroot or administrator with the same rights.
Shell
and execute the script:
cd / tmp
bash ./ioc-scanner-CVE-2019-19781-v1.0.sh> “/tmp/results-$(date).txt”
With -v you also get to see all checks.
bash ./ioc-scanner-CVE-2019-19781-v1.0.sh -v> “/tmp/results-$(date).txt”
The script runs for a few seconds and shows in the last line that everything is fine (at least I hope for you)
Hereby the full link from Citrix to it, so legitimate if you didn’t know FireEye 
https://www.citrix.com/bl…-tool-for-cve-2019-19781/
Fortunately, we had already made the mitigating changes before Christmas, but we did monitor the systems considerably and still have them online until we had installed the upgrade from citrix this week.
That proved to be sufficient, this test was fortunately negative.
–
