Educause Security Discussion mailing list archives
Re: Finding Servers Using OpenSSL SSL/TLS
From: Peter Setlak <psetlak () COLGATE EDU>
Date: Fri, 11 Apr 2014 12:58:46 -0400
I created a monitor on our Application Firewalls to see anything using SSL (catching additional ports). As we verified the services listening on those ports were clean and/or after we patched them if needed, I adjusted the filter to ignore them.

On Fri, Apr 11, 2014 at 12:51 PM, Mike Cunningham <mike.cunningham () pct edu> wrote:

Do you do anything with cloud/3rd party/off campus systems that Columbia uses?

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto: SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Joel L. Rosenblatt
Sent: Friday, April 11, 2014 12:49 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Finding Servers Using OpenSSL SSL/TLS

We keep a constantly updating list of any IP address that accepts connections on port 443 using netflow information, we test them for the Heartbleed bug and inform the machine owner if they have a problem.

Thanks,
Joel Rosenblatt

Joel Rosenblatt, Director Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel
Public PGP key http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x90BD740BCC7326C3

On Fri, Apr 11, 2014 at 11:33 AM, Pratt, Benjamin E. <bepratt () stcloudstate edu> wrote:

Good morning everyone.

The question: What would be the best option for determining remotely whether a server utilizes OpenSSL SSL/TLS for encrypting https traffic?

The background: I'm hoping the list can provide a little assistance in dealing with the aftermath of the Heartbleed vulnerability.

The good news is a scan of our campus network indicates that we are nearly fully patched. The bad news is that not all of the https servers utilizing OpenSSL SSL/TLS are centrally controlled. This means that we don't know which servers were patched before our first scan and therefore where all of the servers that were vulnerable, over the past two years, are located.

I am attempting to put together options that include changing out SSL certificates and notifying users of previously vulnerable systems to update passwords. If I am able to provide more specific information about the scope of our endeavor it would certainly be an added value.

Thank you,
Ben
--
Benjamin Pratt
St. Cloud State University
--
Thank you,
Peter J. Setlak
Network Security Analyst, GSEC, GLEG, GCPM
Colgate University
---
psetlak () colgate edu
(315) 228-7151
Case-Geyer 450
Colgate IT Security - http://colgate.edu/itsecurity
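Added example, not part of any message in this thread: one way to combine the two approaches described above, building an inventory of campus hosts that accept connections on port 443 (the netflow-derived list) or speak SSL on other ports (the firewall monitor), while filtering out services already verified. The log format, column names, addresses and the `tls_listeners` helper are all assumptions constructed for illustration; first-seen dates are included because they help scope how long a service has been exposed.

```python
import csv
import io
import ipaddress

# Constructed sample connection log (not data from the thread). Assumed columns:
# time, client, server, port, state, and app (the firewall's protocol label).
SAMPLE_LOG = """time,client,server,port,state,app
2014-04-09T08:01:00,198.51.100.7,192.0.2.10,443,established,ssl
2014-04-09T08:02:10,198.51.100.9,192.0.2.10,443,established,ssl
2014-04-09T09:15:00,198.51.100.7,192.0.2.25,8443,established,ssl
2014-04-10T10:00:00,198.51.100.7,192.0.2.30,443,rejected,
2014-04-10T11:30:00,198.51.100.8,192.0.2.40,993,established,ssl
2014-04-10T12:00:00,192.0.2.10,203.0.113.5,443,established,ssl
2014-04-11T07:45:00,198.51.100.7,192.0.2.50,80,established,http
2014-04-11T09:00:00,198.51.100.9,192.0.2.25,8443,established,ssl
"""


def tls_listeners(log_text, campus_nets, verified=frozenset()):
    """Map (ip, port) -> first_seen/last_seen/connections for campus hosts that
    accepted a connection on port 443 or on any port labelled as SSL."""
    nets = [ipaddress.ip_network(n) for n in campus_nets]
    found = {}
    for row in csv.DictReader(io.StringIO(log_text)):
        if row["state"] != "established":
            continue  # nothing accepted this connection
        port = int(row["port"])
        if port != 443 and row["app"] != "ssl":
            continue  # neither the HTTPS port nor SSL on another port
        server = ipaddress.ip_address(row["server"])
        if not any(server in net for net in nets):
            continue  # server is off campus; outside this inventory
        key = (str(server), port)
        if key in verified:
            continue  # already checked clean or patched, so filtered out
        seen = found.setdefault(
            key, {"first_seen": row["time"], "last_seen": row["time"], "connections": 0})
        # ISO 8601 timestamps sort correctly as plain strings.
        seen["first_seen"] = min(seen["first_seen"], row["time"])
        seen["last_seen"] = max(seen["last_seen"], row["time"])
        seen["connections"] += 1
    return found


if __name__ == "__main__":
    todo = tls_listeners(SAMPLE_LOG, ["192.0.2.0/24"], verified={("192.0.2.40", 993)})
    for (ip, port), seen in sorted(todo.items()):
        print(ip, port, seen["first_seen"], seen["last_seen"], seen["connections"])
```

The remaining entries are the hosts still to be tested and whose owners may need notifying; adding a pair to `verified` mirrors adjusting the monitor's filter once a service is confirmed clean or patched.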