Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

What should users do immediately about the heartbleed openssl


  • Please log in to reply
3 replies to this topic

#1 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,254 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:06:31 AM

Posted 11 April 2014 - 01:23 AM

 

Affected versions: OpenSSL versions from 1.0.1 to 1.0.1f.
The vulnerability has been fixed in OpenSSL 1.0.1g.

$ uname -a
Linux desktop 3.11.0-14-generic #21-Ubuntu SMP Tue Nov 12 17:04:55 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

$ openssl
OpenSSL> version
OpenSSL 1.0.1e 11 Feb 2013

$ sudo apt-get remove openssl
$ sudo apt-get install openssl

$ openssl
OpenSSL> version
OpenSSL 1.0.1e 11 Feb 2013

 

 

To see what version you have open terminal and type

 

openssl version -a

It should say build date: April 7 or April 8 if you have the patched version.

 

 

Set "Check for certificate revocation" on in all browsers. Even after servers have installed the 1.0.1g fix, they then need to revoke their current certificate and issue a new one.

The latest version of Firefox should be set to automatically check ssl certs for validity.

 

 

LINUX USERS PLEASE READ THE REST @ UNBUNTU FORUMS

http://ubuntuforums.org/showthread.php?t=2215886


Edited by NickAu1, 11 April 2014 - 02:23 AM.

Arch Linux .
 
 Come join the fun, chat to Bleeping computer members and staff in real time on Discord.
 
The BleepingComputer Official Discord Chat Server!


BC AdBot (Login to Remove)

 


#2 TsVk!

TsVk!

    penguin farmer


  • Members
  • 6,233 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Antipodes
  • Local time:06:31 AM

Posted 11 April 2014 - 06:04 PM

Everyone at the office was freaking out about this... fortunately I've not had the chance/motivation to upgrade to squeeze from wheezy. So, it proves that being lazy does actually pay off sometimes... lol.



#3 NickAu

NickAu

    Bleepin' Fish Doctor

  • Topic Starter

  • Moderator
  • 13,254 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:06:31 AM

Posted 11 April 2014 - 07:53 PM

A lot of puppies do not suffer from it the ones that do the fix is avail thru ppm. I just updated my 5.7.1.


Arch Linux .
 
 Come join the fun, chat to Bleeping computer members and staff in real time on Discord.
 
The BleepingComputer Official Discord Chat Server!


#4 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 7,015 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:04:31 PM

Posted 12 April 2014 - 12:23 AM

It's great to see this posted in the Linux section, because many will think that due to running Linux, this can't happen & totally ignore reading about the threat.

 

 

Set "Check for certificate revocation" on in all browsers. Even after servers have installed the 1.0.1g fix, they then need to revoke their current certificate and issue a new one.

This is a manual setting in Google Chrome, under Advanced Settings. Fortunately, long ago, I have enabled this, just because the setting implied tighter security. It is a lot of work to stay in front of the bad guys.

 

Cat


Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users