[170862] in North American Network Operators' Group
Re: Heartbleed Bug Found in Cisco Routers, Juniper Gear
daemon@ATHENA.MIT.EDU (Ruairi Carroll)
Fri Apr 11 06:34:38 2014
In-Reply-To: <CAPLq3UMWo+k-YtzMGBPPTddYwT1e2Z4h0ieMK2eRHHpfHRtQ0w@mail.gmail.com>
Date: Fri, 11 Apr 2014 12:34:11 +0200
From: Ruairi Carroll <ruairi.carroll@gmail.com>
To: Glen Kent <glen.kent@gmail.com>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Slightly sensationalistic article, tends to imply that heartbleed will
allow you to capture data-plane traffic on any piece of Cisco/Juniper kit.
Either way, as I've said before, if you're exposing *any* management
interfaces, be is ssh,netconf or https to the internet in general, you've
got bigger issues than just heartbleed.
VPN, on the other hand, is a totally different world of pain for this issue.
/ruairi
On 11 April 2014 12:24, Glen Kent <glen.kent@gmail.com> wrote:
>
> http://online.wsj.com/news/articles/SB10001424052702303873604579493963847851346
>
> Glen
>