[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FD] heartbleed OpenSSL bug CVE-2014-0160

To: fulldisclosure@xxxxxxxxxxxx
Subject: Re: [FD] heartbleed OpenSSL bug CVE-2014-0160
From: Juergen Christoffel <jc@xxxxxxxxx>
Date: Wed, 9 Apr 2014 23:33:49 +0200

On Wed, Apr 09, 2014 at 09:24:25PM +0200, Reindl Harald wrote:


iptables logging needs to be rate-limit always because how it works
otherwise you have a problem the first time it really happens seriously


Using limits is sensible, yes. But

-m limit --limit 1/m


this might be a bit too restrictive to gather data on attempts at
heartbleeding. And --hashlimit might be more appropriate too as it keeps a
counter per IP address.

        --jc

--
 A great many of today's security technologies are "secure" only because
 no-one has ever bothered attacking them. -- Peter Gutmann


_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Follow-Ups:
- Re: [FD] heartbleed OpenSSL bug CVE-2014-0160
  - From: Reindl Harald

References:
- [FD] heartbleed OpenSSL bug CVE-2014-0160
  - From: Kirils Solovjovs
- Re: [FD] heartbleed OpenSSL bug CVE-2014-0160
  - From: Fabien Bourdaire
- Re: [FD] heartbleed OpenSSL bug CVE-2014-0160
  - From: Reindl Harald

Prev by Date: Re: [FD] heartbleed OpenSSL bug CVE-2014-0160
Next by Date: Re: [FD] heartbleed OpenSSL bug CVE-2014-0160
Previous by thread: Re: [FD] heartbleed OpenSSL bug CVE-2014-0160
Next by thread: Re: [FD] heartbleed OpenSSL bug CVE-2014-0160
Index(es):
- Date
- Thread