How did HeartBleed affect you?

Toggle sidebar Toggle sidebar
riahc3

riahc3

Senior member
Apr 4, 2014
640
0
0
Title says it all.

For me, I had to update a NAS and a OpenVPN server. One didn't generate certificates but the other did so I had to carefully revoke those as the clients on the other side were on other continents and obviously I couldn't give them the client certs that easily. Some I did not revoke because they are critical.

I patched all the OpenSSL libraries on all PCs/servers.

My phone is STILL affected. Looking for a way to fix that.
 
KillerBee

KillerBee

Golden Member
Jul 2, 2010
1,750
82
91
Pretty sure client certificates could have been stolen by a malicious server just the same via heartbleed if they coaxed them into visiting somehow until all the client software openssl dependencies are upgraded.

So unless you revoke those client certificates how do you know who they are?
 
Last edited:
riahc3

riahc3

Senior member
Apr 4, 2014
640
0
0
KillerBee said:
Pretty sure client certificates could have been stolen by a malicious server just the same via heartbleed if they coaxed them into visiting somehow until all the client software openssl dependencies are upgraded.

So unless you revoke those client certificates how do you know who they are?
Click to expand...
Like I said, I revoked some of them but others are impossible as they are critical and at a remote location.
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom