DukewillNukem
asked on
OpenSSL Heart Bleed Bug
im not sure what it means and in which way it affects an enterprise?
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Duke, are you affected, do you run open ssl? In what version do you run it?
ASKER
we mainly use Windows servers. however,we do have a few Linux appliances,stuff like ESX,Cisco Unified Personal Communicator. no my SQL.
But you don't use open ssl, right?
ASKER
no
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
IIS is not affected: http://blogs.technet.com/b/erezs_iis_blog/archive/2014/04/09/information-about-heartbleed-and-iis.aspx
But Apache + OpenSSL is. If your running redhat you are likely affected if it's the latest instance of open-ssl (1.0.1 thru 1.0.1f) http://www.kb.cert.org/vuls/id/720951
Here is a pretty good list of vendors press releases that specify versions of software that are and are not affected, like cisco etc...
https://isc.sans.edu/diary/Heartbleed+vendor+notifications/17929
-rich
But Apache + OpenSSL is. If your running redhat you are likely affected if it's the latest instance of open-ssl (1.0.1 thru 1.0.1f) http://www.kb.cert.org/vuls/id/720951
Here is a pretty good list of vendors press releases that specify versions of software that are and are not affected, like cisco etc...
https://isc.sans.edu/diary/Heartbleed+vendor+notifications/17929
-rich
ASKER
found a solution
ASKER