<div dir="ltr">This is one way to test your boxes: <a href="https://github.com/titanous/heartbleeder">https://github.com/titanous/heartbleeder</a> </div><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Apr 8, 2014 at 9:25 AM, Erik Anderson <span dir="ltr"><<a href="mailto:erikerik@gmail.com" target="_blank">erikerik@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">I'm guessing I'm not the only one that was up late patching systems to mitigate this security disaster. :(<div>
<br></div><div>I've been thinking through all of the various vulnerabilities we've seen in my career, and I'm not sure I can think of one that is as potentially damaging as this one is.</div>
<div><br></div><div>For those that haven't heard, the Heartbleed[1] OpenSSL bug was announced yesterday. In short, it's a bug in the TLS heartbeat functionality that allows any party to remotely read any accessible memory contents in the affected systems. Meaning that your private keys, session keys, etc. have all potentially been compromised.</div>
<div><br></div><div>So, if you're running a linux server with an application that uses TLS and you have OpenSSL versions 1.0.1 = 1.0.1f, you're vulnerable and need to respond appropriately: patch openssl and libssl, regenerate private keys, get new SSL certs issued/installed, etc. It's been a fun 18 hours. :)</div>
<div><br></div><div>-Erik</div><div><br></div><div>[1]: <a href="http://heartbleed.com/" target="_blank">http://heartbleed.com/</a></div></div>
<br>_______________________________________________<br>
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota<br>
<a href="mailto:tclug-list@mn-linux.org">tclug-list@mn-linux.org</a><br>
<a href="http://mailman.mn-linux.org/mailman/listinfo/tclug-list" target="_blank">http://mailman.mn-linux.org/mailman/listinfo/tclug-list</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br>Ben Lutgens<br>Linux / Unix System Administrator<br><br>Three of your friends throw up after eating chicken salad. Do you think:<br>"I should find more robust friends" or "we should check that refrigerator"?<br>
-- Donald Becker, on vortex-bug, suspecting a network-wide problem<br>
</div>