nanog mailing list archives

Re: Serious bug in ubiquitous OpenSSL library: "Heartbleed"

From: Me <jschiel () flowtools net>
Date: Tue, 08 Apr 2014 17:56:45 -0600


On 04/08/2014 10:16 AM, Patrick W. Gilmore wrote:

Lots of tools available. I'm with ferg, surprised more haven't been mentioned here.

Tools to check for the bug:
        • on your own box: https://github.com/musalbas/heartbleed-masstest/blob/master/ssltest.py
        • online: http://filippo.io/Heartbleed/ (use carefully as they might log what you check)
        • online: http://possible.lv/tools/hb/
        • offline: https://github.com/tdussa/heartbleed-masstest <--- Tobias Dussa, also Takes a CSV file with host 
names for input and ports as parameter
        • offline: http://s3.jspenguin.org/ssltest.py
        • offline: https://github.com/titanous/heartbleeder

List of vulnerable Linux distributions: <http://www.circl.lu/pub/tr-21/>.

Anyone have any more?

Thanks for the expanded list, I had some of these already. I'm notcomfortable in letting some online code that I can't see test my sitethough.


--John

Current thread:

Re: Fwd: Serious bug in ubiquitous OpenSSL library: "Heartbleed", (continued)
- Re: Fwd: Serious bug in ubiquitous OpenSSL library: "Heartbleed" Peter Kristolaitis (Apr 07)
- Re: Serious bug in ubiquitous OpenSSL library: "Heartbleed" Maxim Khitrov (Apr 07)
- Re: Fwd: Serious bug in ubiquitous OpenSSL library: "Heartbleed" Randy Bush (Apr 08)
  - Re: Fwd: Serious bug in ubiquitous OpenSSL library: "Heartbleed" Maxim Khitrov (Apr 08)
  - Re: Fwd: Serious bug in ubiquitous OpenSSL library: "Heartbleed" Rob Seastrom (Apr 08)
- Re: Fwd: Serious bug in ubiquitous OpenSSL library: "Heartbleed" Michael Thomas (Apr 08)
  - Re: Fwd: Serious bug in ubiquitous OpenSSL library: "Heartbleed" Richard Hesse (Apr 08)
  - Re: Fwd: Serious bug in ubiquitous OpenSSL library: "Heartbleed" Jonathan Lassoff (Apr 08)
    - Re: Serious bug in ubiquitous OpenSSL library: "Heartbleed" Patrick W. Gilmore (Apr 08)
    - Re: Serious bug in ubiquitous OpenSSL library: "Heartbleed" Maxim Khitrov (Apr 08)
    - Re: Serious bug in ubiquitous OpenSSL library: "Heartbleed" Me (Apr 08)
    - Re: Serious bug in ubiquitous OpenSSL library: "Heartbleed" bmanning (Apr 08)
    - Re: Serious bug in ubiquitous OpenSSL library: "Heartbleed" Rob Seastrom (Apr 08)
    - Re: Serious bug in ubiquitous OpenSSL library: "Heartbleed" bmanning (Apr 08)
    - Re: Serious bug in ubiquitous OpenSSL library: "Heartbleed" jamie rishaw (Apr 08)
    - Re: Serious bug in ubiquitous OpenSSL library: "Heartbleed" Matt Palmer (Apr 08)
    - Re: Serious bug in ubiquitous OpenSSL library: "Heartbleed" Doug Barton (Apr 08)
    - Re: Serious bug in ubiquitous OpenSSL library: "Heartbleed" Valdis . Kletnieks (Apr 09)
    - Re: Serious bug in ubiquitous OpenSSL library: "Heartbleed" Jima (Apr 09)
    - Re: Serious bug in ubiquitous OpenSSL library: "Heartbleed" Me (Apr 09)
    - Re: Serious bug in ubiquitous OpenSSL library: "Heartbleed" Patrick W. Gilmore (Apr 09)

(Thread continues...)