[Ach] 'Heartbleed' and OpenVPN
L. Aaron Kaplan
aaron at lo-res.org
Fri Apr 11 12:12:25 CEST 2014
On Apr 8, 2014, at 12:15 PM, Pepi Zawodsky <pepi.zawodsky at maclemon.at> wrote:
> On 08.04.2014, at 12:07, René Pfeiffer <lynx at luchs.at> wrote:
>> 'Heartbleed' bug
>
> Don't know enough about it yet, but testing tools of mixed quality are popping up:
>
> Both can only test implicit SSL/TLS but not STARTTLS
>
> For publicly reachable services (443, 465, 993, 995)
> http://filippo.io/Heartbleed/
>
> Also for private services
> http://s3.jspenguin.org/ssltest.py
>
Be careful with that script. It produces false negatives.
> Best regards
> Pepi
> _______________________________________________
> Ach mailing list
> Ach at lists.cert.at
> http://lists.cert.at/cgi-bin/mailman/listinfo/ach
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.cert.at/pipermail/ach/attachments/20140411/816f93af/attachment.sig>
More information about the Ach
mailing list