[tech] OpenSSL "Heartbleed" Issues
Sam Moore
matches at ucc.asn.au
Tue Apr 15 01:20:35 WST 2014
I'm currently scanning the 130.95.13.0/24 range using the `ssltest.py`
script from pacemaker (see original tech@ email), which someone should
probably have done much earlier than this.

[BOB] has just raised in #ucc that we need to check/upgrade all our old
machines (eg Camp Router "beatentrack" etc) before we use them again.

Anyone with a colocated machine or VM please actually subscribe to tech@
and also email wheel@ or tech@ to confirm you have updated your machine,
or we will shut it down (This is regardless of the results of the scan.
Don't trust me to get it right).

I have updated curious. There's been a lot of traffic to the https
server on it from port scanners by the way. Also some traffic by
vulnerable clients that spit back interesting html/javascript :S

We should probably check all our desktops as well. The 7 bytes from
Iceweasel was a red herring, but clients like wget and lynx may be
vulnerable. I think [SLX] has upgraded at least one desktop that had a
vulnerable client?

There won't be any more emails to ucc@ - subscribe to tech@ if this
affects you or you care otherwise.

[SZM]
What passes for a wheel member these days...

PS: I updated curious on 10/04/14

On 15/04/14 00:56, Ian McKellar wrote:
> Is there a scanner we can run against the VMs? Actually generally are
> there vulnerability scanners we can run automatically against the VMs?
> Seems like anything unpatched could be warned & then firewalled to the
> UCC. Could be a fun security project for someone who was so interested.
>
> Ian
> On Mon Apr 14 2014 at 9:46:33 AM, Sam Moore <matches at ucc.asn.au> wrote:
>
> On 10/04/14 11:44, Sam Moore wrote:
> > Servers
> > -------
> >
> > From #ucc I gather that [DAA] already updated all our servers.
> >
> > But if you have a collocated machine you need to update your openssl
> > libraries yourself.
> >
>
> A reminder to people that yes you actually do need to update ssl on your
> VM or collocated machine or bad things can (and did) happen and we will
> kill it with fire. Or it will kill us. But hopefully the former.
>
> [SZM]