Public service announcement: If you own or run any Linux web servers, cloud or dedicated, that use HTTPS, upgrade your version of OpenSSL immediately, restart every process that still has the old library open, then re-issue your SSL certificates with new private keys.
Process: Determine if your version of SSL is vulnerable:
lsof -n | grep ssl | grep DEL
If any running programs show up in the list, you're going to need to...
yum clean metadata && yum update openssl
or...
apt-get update && apt-get install openssl
Then run that original lsof command and restart EVERYTHING that shows up on the list. Then you can replace your certificates and key.
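The lsof check above as a stricter filter, as an added example that is not from the original post: it matches DEL only in the FD column and libssl only in the file name, so a command or user that merely contains "ssl" is not listed. The function names and the sample lsof lines are constructed for illustration, and the default lsof column layout is assumed.

```shell
#!/bin/sh
# Added example: list processes that still map a deleted libssl.
# Reads `lsof -n` output on stdin, prints unique "COMMAND PID" pairs.
stale_libssl_procs() {
    awk '
        # lsof marks a mapped file that was removed from disk with FD "DEL".
        # Require DEL in the FD column (4th) and libssl in the NAME column
        # (last), so a command or user containing "ssl" does not match.
        $4 == "DEL" && $NF ~ "/libssl[.]so" { print $1, $2 }
    ' | sort -u
}

# Constructed sample of lsof -n lines (not captured from a real host).
sample_lsof() {
    cat <<'EOF'
COMMAND   PID    USER   FD   TYPE DEVICE SIZE/OFF   NODE NAME
nginx    1201    root  DEL    REG    8,1          131890 /usr/lib64/libssl.so.1.0.1e
nginx    1202   nginx  DEL    REG    8,1          131890 /usr/lib64/libssl.so.1.0.1e
nginx    1202   nginx  DEL    REG    8,1          131890 /usr/lib64/libssl.so.1.0.1e
postfix  3010    root  mem    REG    8,1   444384 131950 /usr/lib64/libssl.so.1.0.1e
sshd      988    root  mem    REG    8,1  1950976 131900 /usr/lib64/libcrypto.so.1.0.1e
sslh     1500    sslh  DEL    REG    8,1          140021 /tmp/scratch.db
httpd    2210  apache  DEL    REG    8,1          131890 /usr/lib64/libssl.so.1.0.1e
EOF
}

# On a live host: lsof -n | stale_libssl_procs
# Offline demo over the constructed sample: sh thisfile.sh --demo
if [ "${1:-}" = "--demo" ]; then sample_lsof | stale_libssl_procs; fi
```

An empty result after the upgrade and restarts means no listed process is still holding the old library.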
For git lovers, there's this repo for testing vulnerable port 443s from the outside, if you also like Python.
End public service announcement, though this is what happens when you update your libraries to counter one theoretical BEAST attack and make yourself vulnerable to something much more serious.