Author Topic: OpenSSL vulnerability  (Read 2200 times)

0 Members and 1 Guest are viewing this topic.

Offline Bill

  • Netter Nutter
  • ********
  • Posts: 3386
  • Karma: 57
  • Older and wiser.... yeah, right.
    • Gallery
OpenSSL vulnerability
« on: Apr 08, 2014, 12:15:09 »
Bill
BQMs-  IPv4  IPv6

Offline Gary

  • Supreme Netter
  • *************
  • Posts: 15688
  • Karma: 241
Re: OpenSSL vulnerability
« Reply #1 on: Apr 09, 2014, 08:39:11 »
tested idnet and a bunch of sites which all seem safe, including idnet.com. Not sure about modems and routers though, seems its best to turn off remote management which is fine in my router, no idea about BT's modem though as that is remotely managed for firmware updates from btor or btw whoever manages software on that. :fingers:

Offline nowster

  • Netter Nutter
  • ********
  • Posts: 2736
  • Karma: 24
Re: OpenSSL vulnerability
« Reply #2 on: Apr 09, 2014, 09:21:06 »
Things that might be affected include any SSL/TLS web server (https), openvpn, tor, mail servers and any other service that encrypts a link using SSL or TLS. (ssh uses a different mechanism altogether.)

Offline Gary

  • Supreme Netter
  • *************
  • Posts: 15688
  • Karma: 241
Re: OpenSSL vulnerability
« Reply #3 on: Apr 09, 2014, 09:25:57 »
Things that might be affected include any SSL/TLS web server (https), openvpn, tor, mail servers and any other service that encrypts a link using SSL or TLS. (ssh uses a different mechanism altogether.)
Theres a site that you can put links into to test, tbh im not wearing a tin foil hat over this as TOR suggest we dont use the internet till its sorted, where as most sites I use test fine already, not sure about the BTOR modem and my router though...although the latter had a firmware update yesterday. https://www.ssllabs.com/ssltest/ idnets mail servers seem ok
« Last Edit: Apr 09, 2014, 09:42:32 by Gary »

Offline Gary

  • Supreme Netter
  • *************
  • Posts: 15688
  • Karma: 241
Re: OpenSSL vulnerability
« Reply #4 on: Apr 10, 2014, 11:43:50 »

Offline nowster

  • Netter Nutter
  • ********
  • Posts: 2736
  • Karma: 24
Re: OpenSSL vulnerability
« Reply #5 on: Apr 11, 2014, 16:12:32 »
Good explanation of how it works in today's XKCD comic: http://xkcd.com/1354/


Show unread posts since last visit.
 

Any information and links published in the forum are posted in good faith, but the forum staff and
owners cannot and do not accept responsibility for the content and accuracy of external websites.