[170757] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Fwd: Serious bug in ubiquitous OpenSSL library: "Heartbleed"

daemon@ATHENA.MIT.EDU (Maxim Khitrov)
Tue Apr 8 08:15:39 2014

In-Reply-To: <m2r458kymf.wl%randy@psg.com>
From: Maxim Khitrov <max@mxcrypt.com>
Date: Tue, 8 Apr 2014 08:14:33 -0400
To: Randy Bush <randy@psg.com>
Cc: NANOG <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On Tue, Apr 8, 2014 at 4:35 AM, Randy Bush <randy@psg.com> wrote:
>> I'm really surprised no one has mentioned this here yet...
>
> we're all to damned busy updating and generating keys
>
> you might like (thanks smb, or was it sra)
>
> openssl s_client -connect google\.com:443  -tlsextdebug 2>&1| grep 'server extension "heartbeat" (id=15)' || echo safe

That just tells you whether the heartbeat extension is supported.
Google servers are not vulnerable to this attack.

- Max


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[170757] in North American Network Operators' Group

Re: Fwd: Serious bug in ubiquitous OpenSSL library: "Heartbleed"

daemon@ATHENA.MIT.EDU (Maxim Khitrov)Tue Apr 8 08:15:39 2014

daemon@ATHENA.MIT.EDU (Maxim Khitrov)
Tue Apr 8 08:15:39 2014