[AusNOG] Fwd: Heartbleed Bug

Joshua D'Alton joshua at railgun.com.au
Thu Apr 10 15:47:34 EST 2014


Another tool:  https://ssltools.geotrust.com/checker/views/certCheck.jsp
though it seems to be being "ddosed" due to use.


On Wed, Apr 9, 2014 at 6:55 PM, Shain Singh <shain.singh at gmail.com> wrote:

> Hi,
>
>
>
> On 9 April 2014 05:48, Colin Stubbs
> <colin.stubbs at equatetechnologies.com.au> wrote:
> >
> > Yeap, I can confirm that.
> >
> > Note however,
> >
> > 11.5's management interface is affected. That's the webGUI to
> config/manage
> > the box which runs Apache w/ OpenSSL.
> >
> > SSL virtual hosts terminated by TMOS __are not__ affected, e.g. the
> > production services hosted by the F5.
>
> Only if you are not using the COMPAT directive in your SSL profiles
> (which the majority of people won't).
>
>
> >
> > Definitely doesn't affect 11.4 or below from the testing I've now done.
> >
> > -Colin
> >
> > On 8 April 2014 14:09, Mick O'Rourke <mkorourke+ausnog at gmail.com> wrote:
> >>
> >> > F5 load balancers are vulnerable.
> >>
> >> Apparently only 11.5.x versions of BIG IP.
> >>
> >>
>
> The official release from F5
> http://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html
>
> Disclaimer: I am an F5 employee.
>
> For security related alerts on F5, you can sign up here (you need to
> provide contact details besides email):
> https://interact.f5.com/technews.html
>
>
> --
> Shaineel Singh
> e: shain.singh at gmail.com
> p: +61 422 921 951
> w: http://buffet.shainsingh.com
>
> --
> "Too many have dispensed with generosity to practice charity" - Albert
> Camus
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140410/8e5f758c/attachment.html>


More information about the AusNOG mailing list