Heartbleed protection with HP TippingPoint

What is the vulnerability? How does it take advantage of a network or system?

The Heartbleed bug affects OpenSSL, allowing attackers to read areas of memory on a system running the software. Because these areas of memory can be read, names and passwords, as well as actual content, are open to data theft.

  

How are HP TippingPoint customers protected?

The HP TippingPoint DVLabs team began evaluating the available data and PoCs on April 8, 2014 in order to provide a vulnerability signature in an ad-hoc release of the TippingPoint Digital Vaccine. In the meantime, we have released a custom filter package to our customers until the official DV is ready.

 

The coverage provided by this custom filter, similar to all currently available vendor-provided filters, will detect large SSL heartbeat responses (over 200 bytes) to indicate whether the vulnerability has possibly been exploited. This filter protects HP TippingPoint customers until a more comprehensive Digital Vaccine is released.
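The size check described above can be sketched as follows. This is an added example, not the TippingPoint filter or any HP code: it walks the TLS record headers in a server-to-client byte stream and reports heartbeat records (content type 24) whose declared length exceeds 200 bytes. The function names and the sample stream are constructed for illustration.

```python
import struct

HEARTBEAT = 24    # TLS record content type for heartbeat (RFC 6520)
THRESHOLD = 200   # size limit quoted in the post, in bytes

def large_heartbeat_responses(server_stream: bytes, threshold: int = THRESHOLD):
    """Scan server-to-client bytes; return (offset, declared_length) for each
    heartbeat record whose declared length exceeds the threshold."""
    hits = []
    offset = 0
    while offset + 5 <= len(server_stream):
        ctype, version, length = struct.unpack_from("!BHH", server_stream, offset)
        # Not a plausible SSL 3.0 / TLS 1.x record header: framing is lost, stop.
        if version >> 8 != 3 or not 20 <= ctype <= 24:
            break
        # Use the declared length so a record cut short by the capture still counts.
        if ctype == HEARTBEAT and length > threshold:
            hits.append((offset, length))
        offset += 5 + length
    return hits

# --- constructed sample data (not captured traffic) ---
def record(ctype: int, body: bytes, version: int = 0x0302) -> bytes:
    return struct.pack("!BHH", ctype, version, len(body)) + body

def heartbeat_response(payload: bytes) -> bytes:
    # HeartbeatMessage: type 2 (response), payload_length, payload, 16 bytes padding
    return struct.pack("!BH", 2, len(payload)) + payload + b"\x00" * 16

SAMPLE = (
    record(22, b"\x0e\x00\x00\x00")                        # handshake: ServerHelloDone
    + record(HEARTBEAT, heartbeat_response(b"ping" * 4))   # 35-byte record
    + record(HEARTBEAT, heartbeat_response(b"A" * 4096))   # 4115-byte record
)

if __name__ == "__main__":
    for off, size in large_heartbeat_responses(SAMPLE):
        print(f"heartbeat record at offset {off}: {size} bytes > {THRESHOLD}")
```

A hit is a lead for investigation rather than proof of exploitation, since record size alone is a heuristic.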

 

In the meantime, we strongly recommend that everyone observe the published best practices to limit exposure:

  • Upgrade if possible (if not, then disable heartbeats)
  • Revoke all current keys and replace them with new ones
  • Change any credentials that may have been loaded into memory by the vulnerable processes
  • See additional information on “Thoughts on the Heartbleed bug.”

 

We have also verified that the HP TippingPoint NGIPS, SMS and NGFW platforms, as well as the Threat Management Center (TMC) portal, are not vulnerable to this OpenSSL vulnerability.

 

Where can you find more information on this vulnerability?

More information on this vulnerability can be found in the National Vulnerability Database.
