At SANS 2014 last night, I gave a quick briefing on the HeartBleed vulnerability that impacts the security of the Internet. I wanted to post a few links in the interim (until the webcast itself is published, which I'm told will be by 3PM EDT).
The slides are available here.
I have built a server in the cloud that exposes the vulnerability. You can access the server at https://heartbleed.csr-group.com until it gets taken down by the hosting provider (which seems inevitable). However, if your management needs to see this in action, please feel free to use the server to demonstrate the vulnerability.
Additionally, I took a packet capture that exposes the vulnerability. This is suitable for testing your IDS signatures against. Hopefully you find this useful as well. The packet capture can be downloaded here.
Finally, I have a few notes that were passed to me after the simulcast:
- First, I was working on web servers all day (which are the bulk of many of my client's business) and had not investigated OpenSSH. During the Q&A, I erroneously concluded that SSH linked against vulnerable versions of OpenSSL were probably vulnerable. This was incorrect. The good folks at the SANS ISC were quick to point this out on Twitter and I retweeted it.
- A good fried of SANS, Tim Tomes, pointed out that while IIS servers are not vulnerable, many IIS server farms use a Nginx or Apache load balancing device that terminates SSL. As time puts it "most web servers are not on an island." Hard to argue with that. If you run Nginx or Apache as a load balancer/SSL terminator for an IIS server, that doesn't make the IIS server itself vulnerable. However, your certificates are still up for grabs if the SSL terminating device is vulnerable.
- Eric Miller emailed me last night and helpfully told me that Android moved to OpenSSL 1.0.1 (the vulnerable version) in Android 4.1.0 but then disabled heartbeats in 4.1.2. This leads me to conclude that only version 4.1.0 and 4.1.1 would be vulnerable. Google confirms that 4.1.1 (Jelly Bean) is vulnerable. This is really bad, because according to these numbers, that's more than a third of Android devices use 4.1. The specific breakdowns of versions within the 4.1.x family is unavailable at this time.
- A malicious server has been created to attack vulnerable clients. I have not tested this yet and can't vouch that it is safe for use. However, @SecPhil pointed out that server code did indeed already exist. @sambowne, a generally awesome guy who has an eerily similar Twitter picture (we look nothing alike in real life), posted a malicious server here.