On Tue, 08 Apr 2014 22:50:26 -0700, Doug Barton said:
On 04/08/2014 10:28 PM, Matt Palmer wrote:
On Wed, Apr 09, 2014 at 12:18:00AM -0500, jamie rishaw wrote:
Here's the only way to keep a system safe from Internet hackers:
http://goo.gl/ZvGrXw [google images]
/me is disappointed
On 04/08/2014 09:46 PM, Rob Seastrom wrote:
If that's true, you might want to consider immediately disconnecting
your systems from the Internet and never re-connecting them. After
all, there's a lot of online unseen code testing your site already
whether you like it or not.
-r
Sending someone
On Apr 09, 2014, at 11:26 , Me jsch...@flowtools.net wrote:
On 04/08/2014 09:46 PM, Rob Seastrom wrote:
If that's true, you might want to consider immediately disconnecting
your systems from the Internet and never re-connecting them. After
all, there's a lot of online unseen code testing your
* jsch...@flowtools.net (Me) [Wed 09 Apr 2014, 17:26 CEST]:
Sending someone to a site with obscure TLDs of .io or .lv doesn't
help in these situations. This is a perfect opportunity for someone
to set up a drive by site to drop malware on someone's computer.
Yes, because obviously .com
On 04/09/2014 09:39 AM, Niels Bakker wrote:
* jsch...@flowtools.net (Me) [Wed 09 Apr 2014, 17:26 CEST]:
Sending someone to a site with obscure TLDs of .io or .lv doesn't
help in these situations. This is a perfect opportunity for someone
to set up a drive by site to drop malware on someone's
* jsch...@flowtools.net (Me) [Wed 09 Apr 2014, 17:51 CEST]:
On 04/09/2014 09:39 AM, Niels Bakker wrote:
* jsch...@flowtools.net (Me) [Wed 09 Apr 2014, 17:26 CEST]:
Sending someone to a site with obscure TLDs of .io or .lv
doesn't help in these situations. This is a perfect opportunity
for
On 04/09/2014 09:59 AM, Niels Bakker wrote:
Then why single out the .io and .lv's? Maybe you missed the trend (by
now a few years old) to get domains in those and similar ccTLD's for
startups? Why even try to portray them as less trusted, as you
plainly did in the quoted paragraph?
On 2014-04-08 21:57, bmanning wrote:
On Tue, Apr 08, 2014 at 11:46:31PM -0400, Rob Seastrom wrote:
If that's true, you might want to consider immediately disconnecting
your systems from the Internet and never re-connecting them. After
all, there's a lot of online unseen code testing your site
,
- - ferg
Begin forwarded message:
From: Rich Kulawiec r...@gsp.org Subject: Serious bug in
ubiquitous OpenSSL library: Heartbleed Date: April 7, 2014 at
9:27:40 PM EDT
This reaches across many versions of Linux and BSD and, I'd
presume, into some versions of operating systems based on them
I'm really surprised no one has mentioned this here yet...
we're all too damned busy updating and generating keys
you might like (thanks smb, or was it sra)
openssl s_client -connect google.com:443 -tlsextdebug 2>&1 | grep 'server extension "heartbeat" (id=15)' || echo safe
randy, who is almost
On Tue, Apr 8, 2014 at 4:35 AM, Randy Bush ra...@psg.com wrote:
I'm really surprised no one has mentioned this here yet...
we're all too damned busy updating and generating keys
you might like (thanks smb, or was it sra)
openssl s_client -connect google.com:443 -tlsextdebug 2>&1 | grep
: Fwd: Serious bug in ubiquitous OpenSSL library: Heartbleed
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
I'm really surprised no one has mentioned this here yet...
FYI,
- - ferg
Begin forwarded message:
From: Rich Kulawiec r...@gsp.org Subject: Serious bug in ubiquitous
OpenSSL
Kristolaitis [mailto:alte...@alter3d.ca]
Sent: Tuesday, April 08, 2014 1:19 AM
To: nanog@nanog.org
Subject: Re: Serious bug in ubiquitous OpenSSL library: Heartbleed
Not just run the updates -- all private keys should be changed too, on
the assumption that they've been compromised already
Randy Bush ra...@psg.com writes:
you might like (thanks smb, or was it sra)
openssl s_client -connect google.com:443 -tlsextdebug 2>&1 | grep 'server extension "heartbeat" (id=15)' || echo safe
protip: you have to run this from a device that actually is running
1.0.x, i.e. supports the
soon but be careful!
Mike
On 04/07/2014 10:06 PM, Paul Ferguson wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
I'm really surprised no one has mentioned this here yet...
FYI,
- - ferg
Begin forwarded message:
From: Rich Kulawiec r...@gsp.org Subject: Serious bug in
ubiquitous
this here yet...
FYI,
- - ferg
Begin forwarded message:
From: Rich Kulawiec r...@gsp.org Subject: Serious bug in
ubiquitous OpenSSL library: Heartbleed Date: April 7, 2014 at
9:27:40 PM EDT
This reaches across many versions of Linux and BSD and, I'd
presume, into some versions of operating
message:
From: Rich Kulawiec r...@gsp.org Subject: Serious bug in
ubiquitous OpenSSL library: Heartbleed Date: April 7, 2014 at
9:27:40 PM EDT
This reaches across many versions of Linux and BSD and, I'd
presume, into some versions of operating systems based on them.
OpenSSL is used in web
Subject: Serious bug in ubiquitous
OpenSSL library: Heartbleed Date: April 7, 2014 at 9:27:40 PM EDT
This reaches across many versions of Linux and BSD and, I'd presume,
into some versions of operating systems based on them.
OpenSSL is used in web servers, mail servers, VPNs, and many other
in
ubiquitous OpenSSL library: Heartbleed Date: April 7, 2014 at
9:27:40 PM EDT
This reaches across many versions of Linux and BSD and, I'd
presume, into some versions of operating systems based on them.
OpenSSL is used in web servers, mail servers, VPNs, and many other
places.
Writeup
really surprised no one has mentioned this here yet...
FYI,
- - ferg
Begin forwarded message:
From: Rich Kulawiec r...@gsp.org Subject: Serious bug in
ubiquitous OpenSSL library: Heartbleed Date: April 7, 2014 at
9:27:40 PM EDT
This reaches across many versions of Linux and BSD and, I'd
Subject: Serious bug in
ubiquitous OpenSSL library: Heartbleed Date: April 7, 2014 at
9:27:40 PM EDT
This reaches across many versions of Linux and BSD and, I'd
presume, into some versions of operating systems based on them.
OpenSSL is used in web servers, mail servers, VPNs, and many other
-----Original Message-----
From: Paul Ferguson [mailto:fergdawgs...@mykolab.com]
Sent: Tuesday, April 08, 2014 12:07 AM
To: NANOG
Subject: Fwd: Serious bug in ubiquitous OpenSSL library: Heartbleed
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
I'm really surprised no one has mentioned this here yet
, 2014 12:07 AM
To: NANOG
Subject: Fwd: Serious bug in ubiquitous OpenSSL library: Heartbleed
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
I'm really surprised no one has mentioned this here yet...
FYI,
- - ferg
Begin forwarded message:
From: Rich Kulawiec r...@gsp.org
Once upon a time, Frank Bulk frnk...@iname.com said:
If we would front our HTTPS services with a (OpenSSL vulnerable)
load-balancer that does the SSL work and we just use HTTP to the service,
will that mitigate information loss that's possible with this exploit? Or
will the OpenSSL code on
: Serious bug in ubiquitous OpenSSL library: Heartbleed
Not just run the updates -- all private keys should be changed too, on
the assumption that they've been compromised already. THAT is going to
be the crappy part of this.
- Pete
On 4/8/2014 1:13 AM, David Hubbard wrote:
RHEL and CentOS
On 04/08/2014 10:16 AM, Patrick W. Gilmore wrote:
Lots of tools available. I'm with ferg, surprised more haven't been mentioned
here.
Tools to check for the bug:
• on your own box:
https://github.com/musalbas/heartbleed-masstest/blob/master/ssltest.py
• online:
On Tue, Apr 08, 2014 at 05:56:45PM -0600, Me wrote:
On 04/08/2014 10:16 AM, Patrick W. Gilmore wrote:
Lots of tools available. I'm with ferg, surprised more haven't been
mentioned here.
Tools to check for the bug:
• on your own box:
Me jsch...@flowtools.net writes:
Thanks for the expanded list, I had some of these already. I'm not
comfortable in letting some online code that I can't see test my site
though.
If that's true, you might want to consider immediately disconnecting
your systems from the Internet and never
On Tue, Apr 08, 2014 at 11:46:31PM -0400, Rob Seastrom wrote:
Me jsch...@flowtools.net writes:
Thanks for the expanded list, I had some of these already. I'm not
comfortable in letting some online code that I can't see test my site
though.
If that's true, you might want to consider
Here's the only way to keep a system safe from Internet hackers:
http://goo.gl/ZvGrXw [google images]
-j
On Wed, Apr 09, 2014 at 12:18:00AM -0500, jamie rishaw wrote:
Here's the only way to keep a system safe from Internet hackers:
http://goo.gl/ZvGrXw [google images]
/me is disappointed that wasn't a pair of scissors
- Matt
--
Sure, it's possible to write C in an object-oriented way. But,
On 04/08/2014 10:28 PM, Matt Palmer wrote:
On Wed, Apr 09, 2014 at 12:18:00AM -0500, jamie rishaw wrote:
Here's the only way to keep a system safe from Internet hackers:
http://goo.gl/ZvGrXw [google images]
/me is disappointed that wasn't a pair of scissors
... or a backhoe
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
I'm really surprised no one has mentioned this here yet...
FYI,
- - ferg
Begin forwarded message:
From: Rich Kulawiec r...@gsp.org Subject: Serious bug in
ubiquitous OpenSSL library: Heartbleed Date: April 7, 2014 at
9:27:40 PM EDT
...@mykolab.com]
Sent: Tuesday, April 08, 2014 1:07 AM
To: NANOG
Subject: Fwd: Serious bug in ubiquitous OpenSSL library: Heartbleed
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
I'm really surprised no one has mentioned this here yet...
FYI,
- - ferg
Begin forwarded message:
From: Rich Kulawiec r
this here yet...
FYI,
- - ferg
Begin forwarded message:
From: Rich Kulawiec r...@gsp.org Subject: Serious bug in
ubiquitous OpenSSL library: Heartbleed Date: April 7, 2014 at
9:27:40 PM EDT
This reaches across many versions of Linux and BSD and, I'd
presume, into some versions of operating
: Serious bug in ubiquitous OpenSSL library: Heartbleed
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
I'm really surprised no one has mentioned this here yet...
FYI,
- - ferg
Begin forwarded message:
From: Rich Kulawiec r...@gsp.org Subject: Serious bug in ubiquitous
OpenSSL library: Heartbleed