Heartbleed bug

We may earn a small commission from affiliate links and paid advertisements. Terms

Briansol

Admins
Admin
VIP
You probably have heard about it by now.
If not, read: http://techcrunch.com/2014/04/07/ma...sl-could-effect-a-huge-chunk-of-the-internet/

In case you are wondering, HS server was patched within a few hours of it becoming public knowledge.

Code:
 [~]# yum list installed | grep -i openssl
cpanel-perl-514-Crypt-OpenSSL-Bignum.x86_64  0.04-1.cp1136  installed
cpanel-perl-514-Crypt-OpenSSL-DSA.x86_64  0.13-1.cp1136  installed
cpanel-perl-514-Crypt-OpenSSL-RSA.x86_64  0.28-1.cp1136  installed
cpanel-perl-514-Crypt-OpenSSL-Random.x86_64  0.04-1.cp1136  installed
openssl.x86_64  1.0.1e-16.el6_5.7  @updates
openssl-devel.x86_64  1.0.1e-16.el6_5.7  @updates

We have no reason to believe anything was compromised or even attempted.. We don't even use SSL, as we don't do any transactions other than logging in to the forum but our sever is equipped with the openSSL software.

You should NEVER use a password on a forum/etc that is non-ssl on other sites that are, such as your bank, especially if you use group unsecured wifi (ie, at a coffee shop or even your work's wifi lan).

Consider your own surroundings and be smart. Never submit a password for something you care about on open wifi.
 
My password here is different from any other. I have been lucky enough to have 2 different emails hacked a total of 3 times in the past 2 months. Changed my passwords, all seems to be well.
 
K, so the forums Im on all have different pass words, I only check my bank account from my home network, and I havent made any online purchases in the last 2 weeks. Thinkin Im most likely in the clear?
 
USAA Bank was vulnerable to heartbleed, and this bug is pretty bad no matter what network you're on. Basically, if you're not positive the site in question was using something other than openssl (and a lot have come forward), you should change that password on that site and every site you use it on.
 
check the SSL association in the browser bar.
 
screenshot? cause i've never seen this. at work we actually have a heartbleed demo box setup to check all of our machines....and we have the second largest public compute deployment in the world.....
 
you know, that little lock button that appears when you are on a secure site? if you click it you can see the SSL info.
 
no shit man, but where is it in chrome for example. cant seem to find anything that says 'OpenSSL' or 'Microsoft Proprietary' or anything like that.
 
Im using chrome on my phone and it appears in the address bar to the far left.

EDIT: Not sure if thats what you meant, but Ill leave it there lol.
 
Back
Top