Welcome! Log In Create A New Profile

Re: RE: OpenSSL leaks server-Keys / The Heartbleed Bug

Forum List Message List New Topic Print View

itpp2012

April 14, 2014 03:03PM

Admin
Registered: 11 years ago
Posts: 1,297

Fyi. if you are running a ssl tunnel like stunnel with openssl 0.9.x, this attack is logged as "SSL3_GET_RECORD:wrong version number" as opposed to no nginx/openssl logging.

If you have logging going back 2 years and you are seeing these log entries now, you may be able to detect attacks from before 7-4-2014.

Here we have many stunnels with openssl 0.9.x and found the first attacks at: 2014.04.08 22:19:14 (CET) in more then 2 years of logging.

---
nginx for Windows http://nginx-win.ecsds.eu/

Reply Quote

RSS

Subject	Author	Posted
OpenSSL leaks server-Keys / The Heartbleed Bug	mex	April 08, 2014 06:50AM
Re: OpenSSL leaks server-Keys / The Heartbleed Bug	mex	April 08, 2014 06:18PM
Re: OpenSSL leaks server-Keys / The Heartbleed Bug	Raul Hugo	April 08, 2014 06:24PM
Re: OpenSSL leaks server-Keys / The Heartbleed Bug	B.R.	April 08, 2014 07:02PM
Re: OpenSSL leaks server-Keys / The Heartbleed Bug	Maxim Konovalov	April 09, 2014 05:24AM
Re: OpenSSL leaks server-Keys / The Heartbleed Bug	mex	April 09, 2014 02:47PM
Re: OpenSSL leaks server-Keys / The Heartbleed Bug	Valentin V. Bartenev	April 11, 2014 12:12PM
Re: OpenSSL leaks server-Keys / The Heartbleed Bug	Jim Ohlstein	April 11, 2014 12:36PM
Re: OpenSSL leaks server-Keys / The Heartbleed Bug	Philipp	April 11, 2014 12:42PM
RE: OpenSSL leaks server-Keys / The Heartbleed Bug	Lukas Tribus	April 12, 2014 07:16AM
Re: RE: OpenSSL leaks server-Keys / The Heartbleed Bug	itpp2012	April 14, 2014 03:03PM
Re: RE: OpenSSL leaks server-Keys / The Heartbleed Bug	Maxim Dounin	April 15, 2014 07:44AM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 311

Record Number of Users: 8 on April 13, 2023

Record Number of Guests: 421 on December 02, 2018