Heartbleed Bug (Protecting servers against this bug)

by GOKILAVANI 2014-04-11 18:04:36

Heartbleed bug affect the popular vulnerable or weakness present in OpenSSL cryptographic software library.

Data protected under normal conditions by SSL/TLS encryption used to secure the Internet are stolen by this bug.

OpenSSL is an open source library that manages secure, encrypted communications for the majority of online web servers.

Managing secure,encrypted communications for the majority of online web servers is done by OpenSSL and heartbleed bug is implemented in OpenSSL.

Encrypted commmunication (https:// —) supported servers are highly affected by this heartbleed bug.
Protect the leak:
Fix has to be install for available os,network and software applications.

Heartbleed test:
Enter the host name of a server to test it for vulnerability in the heartbleed protection website.

Server admin:
Version 1.0.1g of OpenSSL -patched heartbleed bug.

Use-DOPENSSL_NO_HEARTBEATS if updated version is not available.

web surfer:

There is a very high chance that your name and password is currently on a server that is vulnerable to the Heartbleed bug.

If you’re a server admin, you really need to issue new security certificates for any affected domains.

Until all of your websites have updated to a secure version of OpenSSL, you’re still vulnerable.

You must LOGIN to add comments