<div dir="ltr">Citrix Secure Gateway and Riverbed Stingray's are both safe according to advisories, OpenVPN is not.</div><div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Apr 10, 2014 at 6:02 PM, Ian Henderson <span dir="ltr"><<a href="mailto:ianh@ianh.net.au" target="_blank">ianh@ianh.net.au</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="">On 10 Apr 2014, at 3:47 pm, Joshua D'Alton <<a href="mailto:joshua@railgun.com.au">joshua@railgun.com.au</a>> wrote:<br>
<br>
> Another tool: <a href="https://ssltools.geotrust.com/checker/views/certCheck.jsp" target="_blank">https://ssltools.geotrust.com/checker/views/certCheck.jsp</a> though it seems to be being "ddosed" due to use.<br>
<br>
</div>The latest version of nmap has a script for detecting heartbleed, considerably faster than the python or external methods, plus it works inside your network for firewalled/RFC1918/etc. svn co <a href="https://svn.nmap.org/nmap/" target="_blank">https://svn.nmap.org/nmap/</a>. I concurrently scanned ~400 /24’s in less than five minutes on a three year old Macbook Pro (OK, so I couldn’t do anything /else/ on the machine at the time...).<br>
<br>
ianh@mel-mb003:~/nmap$ ./nmap --script scripts/ssl-heartbleed.nse -p 443 10.x.x.x<br>
<br>
Starting Nmap 6.41SVN ( <a href="http://nmap.org" target="_blank">http://nmap.org</a> ) at 2014-04-10 17:57 EST<br>
Nmap scan report for 10.x.x.x<br>
Host is up (0.042s latency).<br>
PORT STATE SERVICE<br>
443/tcp open https<br>
| ssl-heartbleed:<br>
| VULNERABLE:<br>
| The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. It allows for stealing information intended to be protected by SSL/TLS encryption.<br>
| State: VULNERABLE<br>
| Risk factor: High<br>
| Description:<br>
| OpenSSL versions 1.0.1 and 1.0.2-beta releases (including 1.0.1f and 1.0.2-beta1) of OpenSSL are affected by the Heartbleed bug. The bug allows for reading memory of systems protected by the vulnerable OpenSSL versions and could allow for disclosure of otherwise encrypted confidential information as well as the encryption keys themselves.<br>
|<br>
| References:<br>
| <a href="http://www.openssl.org/news/secadv_20140407.txt" target="_blank">http://www.openssl.org/news/secadv_20140407.txt</a><br>
| <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160" target="_blank">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160</a><br>
|_ <a href="http://cvedetails.com/cve/2014-0160/" target="_blank">http://cvedetails.com/cve/2014-0160/</a><br>
<br>
Nmap done: 1 IP address (1 host up) scanned in 0.96 seconds<br>
ianh@mel-mb003:~/nmap$<br>
<br>
<br>_______________________________________________<br>
AusNOG mailing list<br>
<a href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a><br>
<a href="http://lists.ausnog.net/mailman/listinfo/ausnog" target="_blank">http://lists.ausnog.net/mailman/listinfo/ausnog</a><br>
<br></blockquote></div><br></div>