With all the coverage of the technical aspects and doomsday talk, it's hard to get co-workers to listen when they don't see stories of real people being affected by Heartbleed. So is there any evidence of individuals out there actually suffering at the hands of this bug?
Asked
Active
Viewed 175 times
2 Answers
0
No so much of a story. I found that my little web server I was running was not secure from #heartbleed. I used the following test 'http://filippo.io/Heartbleed/#secure.jermsmit.com' After discovering this I logged into my host and issued an apt-get update && apt-get upgrade -y --- once completed all worked just fine.
So much for my little story.
Jermal Smith
- 1
- 1
0
My company used OpenVPN in many of our primary firewalls for maintenance work, this was exploitable and i managed to dump login and keys of our FW's.
The solution so far is an implementation of Snort rules to block such requests, also i have disabled OpenVPN on the most critical hosts.
After this i was able to sleep.
Neophyte
- 339
- 1
- 4