Fwd: Serious bug in ubiquitous OpenSSL library: "Heartbleed"

• Previous message (by thread): Fwd: Serious bug in ubiquitous OpenSSL library: "Heartbleed"
• Next message (by thread): Fwd: Serious bug in ubiquitous OpenSSL library: "Heartbleed"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Apr 8, 2014 at 4:35 AM, Randy Bush <randy at psg.com> wrote:
>> I'm really surprised no one has mentioned this here yet...
>
> we're all to damned busy updating and generating keys
>
> you might like (thanks smb, or was it sra)
>
> openssl s_client -connect google\.com:443  -tlsextdebug 2>&1| grep 'server extension "heartbeat" (id=15)' || echo safe

That just tells you whether the heartbeat extension is supported.
Google servers are not vulnerable to this attack.

- Max

• Previous message (by thread): Fwd: Serious bug in ubiquitous OpenSSL library: "Heartbleed"
• Next message (by thread): Fwd: Serious bug in ubiquitous OpenSSL library: "Heartbleed"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]