Solved

OpenSSL Heart Bleed Bug

Posted on 2014-04-09
10
605 Views
Last Modified: 2014-04-15
im not sure what it means and in which way it affects an enterprise?
0
Comment
Question by:DukewillNukem
  • 5
  • 4
10 Comments
 
LVL 53

Assisted Solution

by:McKnife
McKnife earned 500 total points
ID: 39988374
You mean all the articles that can be found in various news are not well-written, not understandable?

If you use openssl in the version mentioned, you need to install updates immediately, that's all. Otherwise you are vulnerable to various serious attacks via internet.
0
 

Author Comment

by:DukewillNukem
ID: 39988386
which articles?where do i get the updates from?
0
 
LVL 53

Expert Comment

by:McKnife
ID: 39988395
Duke, are you affected, do you run open ssl? In what version do you run it?
0
 

Author Comment

by:DukewillNukem
ID: 39988434
we mainly use Windows servers. however,we do have a few Linux appliances,stuff like ESX,Cisco Unified Personal Communicator. no my SQL.
0
 
LVL 53

Expert Comment

by:McKnife
ID: 39988481
But you don't use open ssl, right?
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 

Author Comment

by:DukewillNukem
ID: 39988501
no
0
 
LVL 53

Accepted Solution

by:
McKnife earned 500 total points
ID: 39988517
And...why do you care, then :) ?
0
 

Assisted Solution

by:DukewillNukem
DukewillNukem earned 0 total points
ID: 39991297
i dont know ;-)
but again,we have centos,suse,red hat,ubuntu,etc.
i just want to make sure we dont have to worry about stuff like that. thinking  about to implement a Vulnerability Management Tool (VIM) for 3rd party Software
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 39996059
IIS is not affected: http://blogs.technet.com/b/erezs_iis_blog/archive/2014/04/09/information-about-heartbleed-and-iis.aspx
But Apache + OpenSSL is. If your running redhat you are likely affected if it's the latest instance of open-ssl (1.0.1 thru 1.0.1f) http://www.kb.cert.org/vuls/id/720951
Here is a pretty good list of vendors press releases that specify versions of software that are and are not affected, like cisco etc...
https://isc.sans.edu/diary/Heartbleed+vendor+notifications/17929
-rich
0
 

Author Closing Comment

by:DukewillNukem
ID: 40001137
found a solution
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You may have a outside contractor who comes in once a week or seasonal to do some work in your office but you only want to give him access to the programs and files he needs and keep privet all other documents and programs, can you do this on a loca…
How important is it to take extra precautions to protect your online business? These are some steps you can take to make sure you're free of any cyber crime.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now