Heartbleed does not kill you. Just yet!


There was a bug in one line of code that nobody noticed for years. It was not an issue until recently, when somebody was able to exploit that vulnerability. How?

Typically, the internet was built on trust, and there was no private information early on. It was a synchronous transfer of information, which means that the sender and receiver both had the same key but did not use it to exploit each other's information.

Think of it like this: you are travelling for a few days and you give a key to someone so that they can feed your cat. You hand over the key based on trust. In this case, the key could be misused to gain access to things you never intended to share.

Technically, what does it mean?


Heartbleed is a flaw in OpenSSL, the open-source encryption library used by the majority of websites that need to transmit data that users want to keep secure. OpenSSL is an open-source implementation of SSL and its successor protocol, TLS (which stands for Transport Layer Security). It basically gives you a secure line when you're sending an email or chatting on IM.

Heartbleed is a recently discovered bug in OpenSSL that could allow an attacker to read information off a web server even though it is supposed to be secured against intrusion. The bug allows anyone on the Internet to read the memory of systems protected by vulnerable versions of OpenSSL. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users, and the actual content.
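
The defect the paragraph describes sits in OpenSSL's handling of the TLS heartbeat extension: the handler echoed back as many bytes as the peer's request claimed to contain, without comparing that claim to the number of bytes actually received, so the copy ran past the record into whatever else was in process memory. The C function below is an added illustration, not OpenSSL's code, of the bounds check that closes that gap. The record layout (one type byte, a two-byte big-endian length, the payload, then at least sixteen bytes of padding) follows the heartbeat extension; the function names, the zeroed padding and the two sample records are constructed for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Heartbeat record layout: 1-byte type, 2-byte payload length (big-endian),
 * payload, then at least 16 bytes of padding. */
#define HB_REQUEST  1
#define HB_RESPONSE 2
#define HB_PADDING  16

/* Builds the reply for one received heartbeat record.
 * Returns the number of bytes written to out, or -1 if the record is dropped.
 * The Heartbleed defect was that the declared payload length was trusted
 * and copied without comparing it to rec_len, the size of what actually
 * arrived. The check marked below is the one the fix introduced: if the
 * header, the declared payload and the padding do not all fit inside the
 * received record, the record is discarded silently. */
int heartbeat_reply(const uint8_t *rec, size_t rec_len,
                    uint8_t *out, size_t out_cap)
{
    if (rec_len < 1 + 2 + HB_PADDING) return -1;   /* cannot even hold a header */
    if (rec[0] != HB_REQUEST) return -1;           /* only requests are answered here */

    uint16_t payload_len = (uint16_t)((rec[1] << 8) | rec[2]);

    /* The bounds check that was missing: declared length must fit the record. */
    if ((size_t)1 + 2 + payload_len + HB_PADDING > rec_len) return -1;

    size_t reply_len = 1 + 2 + payload_len + HB_PADDING;
    if (reply_len > out_cap) return -1;            /* never overrun the caller's buffer */

    out[0] = HB_RESPONSE;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + 3, rec + 3, payload_len);         /* echo exactly the bytes received */
    memset(out + 3 + payload_len, 0, HB_PADDING);  /* padding zeroed here; real code randomises it */
    return (int)reply_len;
}

/* Constructed helper: assembles a request whose header may claim more
 * payload than is really present, which is the shape of a Heartbleed probe. */
static size_t build_request(uint8_t *buf, uint16_t declared_len,
                            const char *payload, size_t actual_len)
{
    buf[0] = HB_REQUEST;
    buf[1] = (uint8_t)(declared_len >> 8);
    buf[2] = (uint8_t)(declared_len & 0xFF);
    memcpy(buf + 3, payload, actual_len);
    memset(buf + 3 + actual_len, 0x5A, HB_PADDING);
    return 3 + actual_len + HB_PADDING;
}

/* Well-formed request: 5 declared, 5 sent; reply is 3 + 5 + 16 = 24 bytes. */
int demo_well_formed(void)
{
    uint8_t req[64], out[64];
    size_t n = build_request(req, 5, "hello", 5);
    return heartbeat_reply(req, n, out, sizeof out);
}

/* Lying request: claims 65535 payload bytes but sends 5; must be dropped. */
int demo_lying_length(void)
{
    uint8_t req[64], out[64];
    size_t n = build_request(req, 65535, "hello", 5);
    return heartbeat_reply(req, n, out, sizeof out);
}

int main(void)
{
    printf("well-formed request -> reply of %d bytes\n", demo_well_formed());
    printf("oversized length    -> result %d (record dropped)\n", demo_lying_length());
    return 0;
}
```

The essential point is that `rec_len` comes from the TLS record layer, which knows how many bytes really arrived, whereas `payload_len` is a number chosen by the peer; a handler must size its copy by the former, never the latter.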


The good news is that there is no evidence so far that it has been exploited, mainly because exploitation leaves no trace on the server.


Theo De Raadt, who is one of the founders of OpenSSL, comments that:

> OpenSSL has exploit mitigation countermeasures to make sure it's exploitable

Vulnerabilities and threats may come in any shape or form. You need to be prepared with multiple layers of security to ensure that such zero-day attacks don't bring down your organization.


HP is leading in enterprise security with multiple layers of security to ensure such things don't become bigger than they are. HP Security Research Labs found and fixed this bug through threat feeds that power the rest of the security solution, such as IPS or the next-generation firewall. ArcSight also receives these threat feeds and ensures that this bug does not harm your data. The tools themselves, such as ArcSight, TippingPoint, and Fortify, are tested to make sure there is no open exploitable bug, including Heartbleed.


Finally, Fortify, the static and dynamic application security scanning tool, has invited all open source projects to go through free application scanning to ensure that such issues don't exist.

