Yup. Found the script, installed it, and am scanning now.
Found an appliance that's vulnerable already, and have contacted the vendor, and they say they'll get back to me, as engineering is still evaluating. Kurt On Wed, Apr 9, 2014 at 10:14 AM, Ziots, Edward <[email protected]> wrote: > http://isc.sans.edu/diary/Heartbleed+vendor+notifications/17929 > > > > Looks like there might be a NMAP script out for the vulnerability also per > the ISC sites > > > > Z > > > > Edward E. Ziots, CISSP, CISA, CRISC, Security +, Network + > > Security Engineer > > Lifespan Organization > > [email protected] > > Work:401-255-2497 > > > > > > This electronic message and any attachments may be privileged and > confidential and protected from disclosure. If you are reading this > message, but are not the intended recipient, nor an employee or agent > responsible for delivering this message to the intended recipient, you are > hereby notified that you are strictly prohibited from copying, printing, > forwarding or otherwise disseminating this communication. If you have > received this communication in error, please immediately notify the sender > by replying to the message. Then, delete the message from your computer. > Thank you. > > > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Kurt Buff > *Sent:* Wednesday, April 09, 2014 12:45 PM > > *To:* [email protected] > *Subject:* Re: [NTSysADM] Heartbleed vulnerability > > > > Don't know, but it might be worthwhile checking on any equipment with a > web server, including: switches, routers, ILO/DRAC, ESX/ESXi, web filters, > spam filters, firewalls, SSL VPN appliances, 3rd party computer management > software (Dell server administrator software, etc.). > > That's just off the top of my head... > > I'm looking for a script to run against my internal infrastructure - > anyone know of one? > > Kurt > > > > On Wed, Apr 9, 2014 at 7:49 AM, David Lum <[email protected]> > wrote: > > *From:* David Lum > *Sent:* Wednesday, April 09, 2014 7:43 AM > *To:* '[email protected]' > *Subject:* Heartbleed vulnerability > > > > Are many of you guys affected by this? > > > https://isc.sans.edu/forums/diary/Patch+Now+OpenSSL+Heartbleed+Vulnerability/17921 > > > > Most likely vectors are apparently Linux-based appliances. > > > > > > > > > > *David Lum* > > *Network System Admin, Information Services* > > *office* 503-265-4728 | modahealth.com <http://www.modahealth.com/> > > *I’m excited to announce that ODS Health is now Moda Health. Please make a > note of my new email address, [email protected] > <[email protected]>, so we can stay connected.* > > This message is intended for the sole use of the individual and entity to > whom it is addressed, and may contain information that is privileged, > confidential and exempt from disclosure under applicable law. If you are > not the intended addressee, nor authorized to receive for the intended > addressee, you are hereby notified that you may not use, copy, disclose or > distribute to anyone the message or any information contained in the > message. If you have received this message in error, please immediately > advise the sender by reply email and delete the message. > > > > > > >
<<inline: image002.png>>
<<inline: image003.jpg>>
