What You Need To Know About Heartbleed, the New Security Bug Scaring the Internet

http://www.wired.com/2014/04/cost-of-heartbleed/

Heartbleed is causing internet congestion. All the SSL certificates being revoked means browsers have to update their revocation lists, causing massive download traffic at certificate authorities.

According to CloudFlare, GlobalSign’s CRL grew from 22KB before Heartbleed to 4.9MB afterward.

The number of revoked certificates on the CRL increased from 1,492 to 133,243. And that was just GlobalSign’s CRL.

The update to the CRL caused a huge spike in requests from browsers for the latest list, which in turn caused a drain on GlobalSign’s bandwidth.
 
Had an interesting discovery the other day at work. HP uses an out-of-band management tool called iLO (integrated Lights-Out) on their servers. Turns out the first and second generations of iLO firmware will crash the management engine if you go scanning for Heartbleed. The only way to recover the iLO is to unplug the power to the server for ten to fifteen seconds!

Fortunately, it doesn't crash the OS running on the server (that would have been a disaster!) but it does mean that we need to make sure that our Corporate Security scans skip these servers until the servers' iLO firmware is updated.
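One way to carry out the "skip these servers until the firmware is updated" step above is to feed the scanner an exclusion list built from the server inventory. The script below is an added example, not something from the thread; it assumes a hypothetical CSV inventory with the columns hostname, ilo_ip, ilo_gen and ilo_fw (the sample rows are constructed), excludes the iLO management addresses of generation 1 and 2 iLOs, and prints the nmap invocation (nmap's real --script ssl-heartbleed and --exclude-file options) without running it. Note that the exclusion has to cover the iLO's own management IP, not the address of the OS running on the server, since that is the interface that crashes.

```sh
#!/bin/sh
# Added example: build an nmap exclusion file for servers whose iLO is
# still on firmware generation 1 or 2, so a Heartbleed sweep skips their
# management interfaces. Inventory format and contents are assumptions
# made for this example, not a real HP or scanner data source.

# Write a small constructed inventory: hostname,ilo_ip,ilo_gen,ilo_fw
write_sample_inventory() {
    cat > "$1" <<'EOF'
hostname,ilo_ip,ilo_gen,ilo_fw
db01,10.0.0.10,2,2.25
web01,10.0.0.11,4,1.40
web02,10.0.0.12,1,1.96
app01,10.0.0.13,3,1.70
EOF
}

# Emit the iLO management IPs of generation 1 and 2 iLOs into $2 and
# print the number of excluded addresses.
build_exclude_file() {
    inv="$1"
    out="$2"
    awk -F, 'NR > 1 && ($3 == 1 || $3 == 2) { print $2 }' "$inv" > "$out"
    wc -l < "$out" | tr -d ' '
}

# Print the scan command a practitioner would run, with the exclusion
# file applied. Printed rather than executed so this stays offline.
heartbleed_scan_command() {
    printf 'nmap -p 443 --script ssl-heartbleed --exclude-file %s -iL %s\n' "$1" "$2"
}

write_sample_inventory inventory.csv
count=$(build_exclude_file inventory.csv skip_ilo.txt)
echo "excluding $count iLO management addresses from the Heartbleed probe"
heartbleed_scan_command skip_ilo.txt targets.txt
```

Once the iLO firmware on a host is updated, its row's ilo_gen no longer matches and it drops out of the exclusion file on the next run, so the scanner picks it back up without anyone having to remember to remove it.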
 
Most out-of-band managers allow SSH access. There may also be a way to access the manager through the running OS.

As an example, on Red Hat I can use racadm to issue commands to the DRAC (the analog of HP's iLO).
Sent from my SCH-I605 using Tapatalk
 
The problem with all the customized vendor-supplied management software is that it provides a whole new avenue of possible software bugs.
 
