• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 618
  • Last Modified:

OpenSSL Heart Bleed Bug

im not sure what it means and in which way it affects an enterprise?
0
DukewillNukem
Asked:
DukewillNukem
  • 5
  • 4
3 Solutions
 
McKnifeCommented:
You mean all the articles that can be found in various news are not well-written, not understandable?

If you use openssl in the version mentioned, you need to install updates immediately, that's all. Otherwise you are vulnerable to various serious attacks via internet.
0
 
DukewillNukemAuthor Commented:
which articles?where do i get the updates from?
0
 
McKnifeCommented:
Duke, are you affected, do you run open ssl? In what version do you run it?
0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
DukewillNukemAuthor Commented:
we mainly use Windows servers. however,we do have a few Linux appliances,stuff like ESX,Cisco Unified Personal Communicator. no my SQL.
0
 
McKnifeCommented:
But you don't use open ssl, right?
0
 
DukewillNukemAuthor Commented:
no
0
 
McKnifeCommented:
And...why do you care, then :) ?
0
 
DukewillNukemAuthor Commented:
i dont know ;-)
but again,we have centos,suse,red hat,ubuntu,etc.
i just want to make sure we dont have to worry about stuff like that. thinking  about to implement a Vulnerability Management Tool (VIM) for 3rd party Software
0
 
Rich RumbleSecurity SamuraiCommented:
IIS is not affected: http://blogs.technet.com/b/erezs_iis_blog/archive/2014/04/09/information-about-heartbleed-and-iis.aspx
But Apache + OpenSSL is. If your running redhat you are likely affected if it's the latest instance of open-ssl (1.0.1 thru 1.0.1f) http://www.kb.cert.org/vuls/id/720951
Here is a pretty good list of vendors press releases that specify versions of software that are and are not affected, like cisco etc...
https://isc.sans.edu/diary/Heartbleed+vendor+notifications/17929
-rich
0
 
DukewillNukemAuthor Commented:
found a solution
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now