<div>
Mostly attacks happen on port 443 (HTTPS) or port 22 (SSH). Scan for that traffic, especially, if you see it's a LOT and going everywhere.
</div>


Mostly attacks happen on port 443 (HTTPS) or port 22 (SSH). Scan for that traffic, especially, if you see it's a LOT and going everywhere.

<div>
<div class="content wysiwyg-content">
We are being told by our ISP that we have a computer/device on our network performing Heart Bleed attacks. &nbsp;We have performed AV scans with multiple AV products but the attacks are still happening. &nbsp;The client has Wi-Fi so we don't have complete control of what devices can connect to the network. &nbsp;We have tried to track down the attack as the traffic passes through the WatchGuard firewall but haven't had any luck. &nbsp;So basically I'm asking how can I track down the source of the heart bleed attack?
</div>
</div>


We are being told by our ISP that we have a computer/device on our network performing Heart Bleed attacks.  We have performed AV scans with multiple AV products but the attacks are still happening.  The client has Wi-Fi so we don't have complete control of what devices can connect to the network.  We have tried to track down the attack as the traffic passes through the WatchGuard firewall but haven't had any luck.  So basically I'm asking how can I track down the source of the heart bleed attack?

Heart Bleed Attack

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.