Time to upgrade OpenSSL again [Archive]

View Full Version : Time to upgrade OpenSSL again

Studio64

09-16-2002, 08:06 PM

If you havn't heard yet it's time to upgrade OpenSSL

http://www.openssl.org/

This one is a dozy.
Nice little worm that exploits SSL and creates a P2P weekend via the apache server.

Wired Article (http://wired.com/news/linux/0,1411,55172,00.html)

Haze

09-16-2002, 09:33 PM

http://www.webhostingtalk.com/showthread.php?s=&threadid=74629

clockwork

09-17-2002, 01:06 AM

Originally posted by Studio64
If you havn't heard yet it's time to upgrade OpenSSL

http://www.openssl.org/

This one is a dozy.
Nice little worm that exploits SSL and creates a P2P weekend via the apache server.

Wired Article (http://wired.com/news/linux/0,1411,55172,00.html)

Might want to check your /tmp directory for "bugtraq.c"
Sounds like you're a bit behind on updating... you might be infected.

Also, see if anything is using port 2002 (UDP)

This is, AFAIK, what to look for.