Re: Finding Servers Using OpenSSL SSL/TLS

[Ken Connelly <Ken.Connelly () UNI EDU>]

Please note that some distros backport patches, so the version string
may not be meaningful.

- ken

On 4/11/14, 12:15 PM, Peter Setlak wrote:
> Along with watching for SSL traffic, we've been checking systems that
> may have OpenSSL installed and running:
>
> ./openssl version
>
> Hoping they come back 0.98 (or at least not 1.0.1[-f]).
>
>
> On Fri, Apr 11, 2014 at 1:11 PM, Joel L. Rosenblatt <joel () columbia edu
> <mailto:joel () columbia edu>> wrote:
>
>     We have been running a ssltest python script (from
>     https://gist.github.com/jpicht/10114168) and verifying the results
>     with the http://filippo.io/Heartbleed web site
>
>     We have repaired all but 1 or 2 at this point - the process will keep
>     on running to catch new ones that will pop up
>
>     Thanks,
>     Joel
>
>
>     Joel Rosenblatt, Director Network & Computer Security
>     Columbia Information Security Office (CISO)
>     Columbia University, 612 W 115th Street, NY, NY 10025 /212 854
>     3033 <tel:%20212%20854%203033>
>     http://www.columbia.edu/~joel <http://www.columbia.edu/%7Ejoel>
>     Public PGP key
>     http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x90BD740BCC7326C3
>
>
>     On Fri, Apr 11, 2014 at 12:52 PM, Steven Carmody
>     <steven_carmody () brown edu <mailto:steven_carmody () brown edu>> wrote:
>     > On 4/11/14 12:49 PM, Joel L. Rosenblatt wrote:
>     >>
>     >> We keep a constantly updating list of any IP address that accepts
>     >> connections on port 443 using netflow information, we test them for
>     >> the Heartbleed bug and inform the machine owner if they have a
>     problem
>     >>
>     >
>     > Can you provide any more detailing info about how you test
>     machines for the
>     > Heartbleed vulnerability ? Are you looking at the headers that
>     returned, or
>     > doing something else ?
>     >
>
>
>
>
> -- 
> Thank you,
>
> Peter J. Setlak
> Network Security Analyst, GSEC, GLEG, GCPM
> Colgate University
> ---
> psetlak () colgate edu <mailto:psetlak () colgate edu>
> (315) 228-7151
> Case-Geyer 450
>
> Colgate IT Security - http://colgate.edu/itsecurity
>
> Think *Green!* Please consider the environment before printing this
> email.
>
> *Engage with Colgate University: 
> *
> News blog <http://blogs.colgate.edu/>, Twitter
> <https://twitter.com/#%21/colgateuniv>, Facebook
> <https://www.facebook.com/colgateuniversity>, Google+
> <https://plus.google.com/u/0/b/113333907606560373469/>, Delicious
> <http://www.delicious.com/colgatenewsmakers>, YouTube
> <http://www.youtube.com/cuatchannel13>, Flickr
> <http://www.flickr.com/photos/colgateuniversity/>, Pinterest
> <http://pinterest.com/colgateuniv/>, LinkedIn
> <http://www.linkedin.com/company/colgate-university/>

-- 
- Ken
=================================================================
Ken Connelly             Associate Director, Security and Systems
ITS Network Services                  University of Northern Iowa
email: Ken.Connelly () uni edu   p: (319) 273-5850 f: (319) 273-7373

Any request to divulge your UNI password via e-mail is fraudulent!