[AusNOG] Heartbleed Bug

Andy S. ciscoarc7 at gmail.com
Thu Apr 10 16:47:47 EST 2014


Also, for those need to check openssl version in F5, ssh to it and type

ssh -V

Cheers.

On Thursday, April 10, 2014, Andy S. <ciscoarc7 at gmail.com> wrote:

> I used Qualy SSL Labs test for our F5.
>
> https://www.ssllabs.com/ssltest
>
> Cheers.
> Andy
>
> On Thursday, April 10, 2014, Joshua D'Alton <joshua at railgun.com.au<javascript:_e(%7B%7D,'cvml','joshua at railgun.com.au');>>
> wrote:
>
>> Another tool:  https://ssltools.geotrust.com/checker/views/certCheck.jsp  though it seems to be being "ddosed" due to use.
>>
>>
>> On Wed, Apr 9, 2014 at 6:55 PM, Shain Singh <shain.singh at gmail.com>wrote:
>>
>>> Hi,
>>>
>>>
>>>
>>> On 9 April 2014 05:48, Colin Stubbs
>>> <colin.stubbs at equatetechnologies.com.au> wrote:
>>> >
>>> > Yeap, I can confirm that.
>>> >
>>> > Note however,
>>> >
>>> > 11.5's management interface is affected. That's the webGUI to
>>> config/manage
>>> > the box which runs Apache w/ OpenSSL.
>>> >
>>> > SSL virtual hosts terminated by TMOS __are not__ affected, e.g. the
>>> > production services hosted by the F5.
>>>
>>> Only if you are not using the COMPAT directive in your SSL profiles
>>> (which the majority of people won't).
>>>
>>>
>>> >
>>> > Definitely doesn't affect 11.4 or below from the testing I've now done.
>>> >
>>> > -Colin
>>> >
>>> > On 8 April 2014 14:09, Mick O'Rourke <mkorourke+ausnog at gmail.com>
>>> wrote:
>>> >>
>>> >> > F5 load balancers are vulnerable.
>>> >>
>>> >> Apparently only 11.5.x versions of BIG IP.
>>> >>
>>> >>
>>>
>>> The official release from F5
>>> http://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html
>>>
>>> Disclaimer: I am an F5 employee.
>>>
>>> For security related alerts on F5, you can sign up here (you need to
>>> provide contact details besides email):
>>> https://interact.f5.com/technews.html
>>>
>>>
>>> --
>>> Shaineel Singh
>>> e: shain.singh at gmail.com
>>> p: +61 422 921 951
>>> w: http://buffet.shainsingh.com
>>>
>>> --
>>> "Too many have dispensed with generosity to practice charity" - Albert
>>> Camus
>>> _______________________________________________
>>> AusNOG mailing list
>>> AusNOG at lists.ausnog.net
>>> http://lists.ausnog.net/mailman/listinfo/ausnog
>>>
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140410/27e3e70f/attachment.html>


More information about the AusNOG mailing list