[LUNA] heartbleed
Bob Nance
bob.nance at novationsys.com
Thu Apr 10 10:26:03 CDT 2014
ALL versions of OpenSSL had the bug.
There is no way to track that the bug was triggered.
It did not require you to actually access or authenticate to the system in
any way.
The bug, basically, did a memory dump of the running system (as I
understand it).
So, it must be assumed that EVERY OpenSSL implementation was being
triggered every few minutes since the dawn of time.
Yes, it¹s that bad.
--
Bob Nance
Novation Systems
256-534-4620; 227
On 4/10/14, 6:54 AM, "Allen Krell" <allen.krell at gmail.com> wrote:
>I am just picking up on news stories on the 'heartbleed' problem. Is it
>really as serious as some sites are saying? Almost every website, every
>password compromised?
>
>Allen
>-------------- next part --------------
>An HTML attachment was scrubbed...
>URL:
><http://lunagroup.us/pipermail/luna/attachments/20140410/8b113ad5/attachme
>nt.html>
>_______________________________________________
>LUNA mailing list
>LUNA at lunagroup.us
>http://lunagroup.us/mailman/listinfo/luna
More information about the LUNA
mailing list