[AusNOG] Fwd: Heartbleed Bug

Nick Savvides Nick_Savvides at symantec.com
Fri Apr 11 23:58:40 EST 2014 

We’ve got another one up on:
https://ssltools.websecurity.symantec.com/checker/views/certCheck.jsp


Nick.
 
-------------------------------------------------------
Nick Savvides,  Senior Principal Systems Engineer (Security)
nick_savvides at symantec.com, Mobile: +61 434 600 870

From:  Joshua D'Alton <joshua at railgun.com.au>
Date:  Thursday, 10 April 2014 15:47
To:  Shain Singh <shain.singh at gmail.com>
Cc:  "ausnog at lists.ausnog.net" <ausnog at lists.ausnog.net>
Subject:  Re: [AusNOG] Fwd: Heartbleed Bug

Another tool:  https://ssltools.geotrust.com/checker/views/certCheck.jsp
though it seems to be being "ddosed" due to use.


On Wed, Apr 9, 2014 at 6:55 PM, Shain Singh <shain.singh at gmail.com> wrote:
> Hi,
> 
> 
> 
> On 9 April 2014 05:48, Colin Stubbs
> <colin.stubbs at equatetechnologies.com.au> wrote:
>> >
>> > Yeap, I can confirm that.
>> >
>> > Note however,
>> >
>> > 11.5's management interface is affected. That's the webGUI to config/manage
>> > the box which runs Apache w/ OpenSSL.
>> >
>> > SSL virtual hosts terminated by TMOS __are not__ affected, e.g. the
>> > production services hosted by the F5.
> 
> Only if you are not using the COMPAT directive in your SSL profiles
> (which the majority of people won't).
> 
> 
>> >
>> > Definitely doesn't affect 11.4 or below from the testing I've now done.
>> >
>> > -Colin
>> >
>> > On 8 April 2014 14:09, Mick O'Rourke <mkorourke+ausnog at gmail.com
>> <mailto:mkorourke%2Bausnog at gmail.com> > wrote:
>>> >>
>>>> >> > F5 load balancers are vulnerable.
>>> >>
>>> >> Apparently only 11.5.x versions of BIG IP.
>>> >>
>>> >>
> 
> The official release from F5
> http://support.f5.com/kb/en-us/solutions/public/15000/100/sol15159.html
> 
> Disclaimer: I am an F5 employee.
> 
> For security related alerts on F5, you can sign up here (you need to
> provide contact details besides email):
> https://interact.f5.com/technews.html
> 
> 
> --
> Shaineel Singh
> e: shain.singh at gmail.com
> p: +61 422 921 951 <tel:%2B61%20422%20921%20951>
> w: http://buffet.shainsingh.com
> 
> --
> "Too many have dispensed with generosity to practice charity" - Albert Camus
> _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140411/6ca5f0fa/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5192 bytes
Desc: not available
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20140411/6ca5f0fa/attachment.bin>

More information about the AusNOG mailing list