[kwlug-disc] Heartbleed affected sites
bjonkman at sobac.com
Fri Apr 11 17:44:00 EDT 2014
-----BEGIN PGP SIGNED MESSAGE-----
If your router is accessible from the WAN port via http then you have
more urgent problems than Heartbleed.
If a site has both http and https then there's no (new) vulnerability
with http, but a Heartbleed attack on https can still extract
passwords and other info.
To extract a password from an http session a bad guy needs to be a
man-in-the-middle, or sniffing the network (remember Firesheep?). To
extract a password with Heartbleed an attacker only has to initiate an
On 14-04-11 05:35 PM, Khalid Baheyeldin wrote:
> But, wouldn't Heartbleed be an issue, only if you use SSL on the
> site? For example, if you have OpenWRT/Tomato/DD-WRT and logging
> via http (not https), then there is no exploit via OpenSSL?
> On Fri, Apr 11, 2014 at 3:26 PM, Bob Jonkman <bjonkman at sobac.com>
> If you're using a tool to check for Heartbleed vulnerabilities, be
> sure to check the Web interface on your router and/or modem as
> I'm not sure if router vendors are on top of this, but according
> to ssltest.py my Tomato/MLPPP Version 1.25-mp3alpha6 (from
> http://fixppp.org ) is not vulnerable, nor my Thomson Speedtouch
> modem with firmware 220.127.116.11
> Also, somebody asked me how safe these vulnerability checking
> to say they're not merely displaying "all is well", and actually
> compiling a list of vulnerable sites for later exploitation?
> On 14-04-08 12:06 PM, Khalid Baheyeldin wrote:>
>>>> You can use this python tool ssltest.py to check if your
>>>> servers are vulnerable:
>>>> $ wget -O ssltest.py "http://pastebin.com/raw.php?i=WmxzjkXJ"
>>>> $ python ssltest.py example.com
> On 14-04-11 10:51 AM, CrankyOldBugger wrote:
>>>> Mashable has a list going of sites affected by Heartbleed:
Don't forget to add Canada Revenue (and most other government
>>>> sites) to your list of passwords to change!
> Bob Jonkman <bjonkman at sobac.com> Phone: +1-519-669-0388
> SOBAC Microcomputer Services http://sobac.com/sobac/
> http://bob.jonkman.ca/blogs/ http://sn.jonkman.ca/bobjonkman/
> Software --- Office & Business Automation --- Consulting
> GnuPG Fngrprnt:04F7 742B 8F54 C40A E115 26C2 B912 89B0 D2CC E5EA
>> _______________________________________________ kwlug-disc
>> mailing list kwlug-disc at kwlug.org
> _______________________________________________ kwlug-disc mailing
> list kwlug-disc at kwlug.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Ensure confidentiality, authenticity, non-repudiability
-----END PGP SIGNATURE-----
More information about the kwlug-disc