Re: Heartbleed Bug Found in Cisco Routers, Juniper Gear
On 04/11/2014 07:16 AM, Glen Kent wrote: VPN, on the other hand, is a totally different world of pain for this issue. What about VPNs? SSL VPN's could possibly be vulnerable.
Re: Heartbleed Bug Found in Cisco Routers, Juniper Gear
Didn't Cisco already release a bunch of updates related to Anyconnect and heartbleed? Cheers, Harry On Apr 12, 2014, at 6:03 PM, Lamar Owen lo...@pari.edu wrote: On 04/11/2014 07:16 AM, Glen Kent wrote: VPN, on the other hand, is a totally different world of pain for this issue. What about VPNs? SSL VPN's could possibly be vulnerable.
Re: Heartbleed Bug Found in Cisco Routers, Juniper Gear
On 4/12/2014 8:55 PM, Harry Hoffman wrote: Didn't Cisco already release a bunch of updates related to Anyconnect and heartbleed? There were AnyConnect for iOS (little i, not big I) issues with heartbleed, but everything else has been mostly phone and UCS related. IOS XE is affected if you have enabled https:// administrative interface. Otherwise no (at least not yet, they're still checking). There were, however, four separate security issues released this week that affected SSL VPN, AnyConnect, and ASAs (I had to patch our ASAs even though we do not do SSL VPN or AnyConnect, there is a DoS attack possible via SIP). signature.asc Description: OpenPGP digital signature
Heartbleed Bug Found in Cisco Routers, Juniper Gear
http://online.wsj.com/news/articles/SB10001424052702303873604579493963847851346 Glen
Re: Heartbleed Bug Found in Cisco Routers, Juniper Gear
Slightly sensationalistic article, tends to imply that heartbleed will allow you to capture data-plane traffic on any piece of Cisco/Juniper kit. Either way, as I've said before, if you're exposing *any* management interfaces, be is ssh,netconf or https to the internet in general, you've got bigger issues than just heartbleed. VPN, on the other hand, is a totally different world of pain for this issue. /ruairi On 11 April 2014 12:24, Glen Kent glen.k...@gmail.com wrote: http://online.wsj.com/news/articles/SB10001424052702303873604579493963847851346 Glen
Re: Heartbleed Bug Found in Cisco Routers, Juniper Gear
Either way, as I've said before, if you're exposing *any* management interfaces, be is ssh,netconf or https to the internet in general, you've got bigger issues than just heartbleed. Sure, i agree. VPN, on the other hand, is a totally different world of pain for this issue. What about VPNs? Glen /ruairi On 11 April 2014 12:24, Glen Kent glen.k...@gmail.com wrote: http://online.wsj.com/news/articles/SB10001424052702303873604579493963847851346 Glen