Full Disclosure mailing list archives
Re: heartbleed OpenSSL bug CVE-2014-0160
From: Juergen Christoffel <jc () unser net>
Date: Wed, 9 Apr 2014 23:33:49 +0200
On Wed, Apr 09, 2014 at 09:24:25PM +0200, Reindl Harald wrote:
iptables logging needs to be rate-limit always because how it works otherwise you have a problem the first time it really happens seriously
Using limits is sensible, yes. But
-m limit --limit 1/m
this might be a bit too restrictive to gather data on attempts at
heartbleeding. And --hashlimit might be more appropriate too as it keeps a
counter per IP address.
--jc
--
A great many of today's security technologies are "secure" only because
no-one has ever bothered attacking them. -- Peter Gutmann
_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Re: heartbleed OpenSSL bug CVE-2014-0160, (continued)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Walt Williams (Apr 09)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Brandon Vincent (Student) (Apr 10)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Carlos P (Apr 11)
- Message not available
- Re: heartbleed OpenSSL bug CVE-2014-0160 Chris Schmidt (Apr 08)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Nik Mitev (Apr 08)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Ken Connelly (Apr 10)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Reindl Harald (Apr 09)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Juergen Christoffel (Apr 09)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Reindl Harald (Apr 10)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Reindl Harald (Apr 11)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Seth Arnold (Apr 11)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Brandon Perry (Apr 09)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Aidan Thornton (Apr 09)
- Re: heartbleed OpenSSL bug CVE-2014-0160 Coderaptor (Apr 09)