OpenSSL Heartbleed bug: CVE-2014-0160

Reply
Highlighted
L0 Member

Re: OpenSSL Heartbleed bug: CVE-2014-0160

davido140 wrote:

Just used heartbleed in the threat name on the rule in the Vuln' protection profile and set the action to block

This forces traffic to be dropped for the "medium" severity threats related to heartbleed in the 430 update.

Effect from one of the online tests will be a timeout and you'll get an event in the threat log.

The target system MUST be vulnerable to trigger these signatures, if you've already patched it you wont see anything in the logs.

Ah, so you made a custom Vulnerability Protection profile then applied that to your security policies. . That makes sense. Thank you!

L2 Linker

Re: OpenSSL Heartbleed bug: CVE-2014-0160

I've had problems installing on some 2020 appliances, (3020's have been fine)..

I've put it down to crappy management plane resources.

try from the cli...

request content check


then

request content upgrade download latest

then

request content upgrade install latest

show jobs id xxxx to see the progress of any of these.

Seemed to work for me..

L2 Linker

Re: OpenSSL Heartbleed bug: CVE-2014-0160

no probs

Should mention, if you have medium severity threats set to alert in the profile, make sure that the rule for heartbleed is above this! you can shuffle the ordering around in the vuln' protection profile.

L4 Transporter

Re: OpenSSL Heartbleed bug: CVE-2014-0160

I don't understand how this test works. I put my information in and then it just read G0!Go!

L3 Networker

Re: OpenSSL Heartbleed bug: CVE-2014-0160

Are there any screenshort for heartbleed attack into system ?

Please share ?

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!