砍敺 IT_man 2015-1-12 10:51 蝺刻摩
6 Y- o' y- h' o' P/ Y% O9 ?/ O# w
4 g. k9 o0 }6 x( KOpenSSL憭扳瘣Heartbleed函蝬脰楝撖唾撓摰冽霅血- Y( R/ y% f1 c' A N' Y1 d4 s% T
) O2 ?$ y" y- m V ]% _% U( g
; b% }, t7 w8 J, ^$ q F- x0 ]% D7 s
OpenSSL慵eartBleed憭扳瘣嚗箏函蝬脰楝撣嗡憭批嚗鋡怨箸舐雯頝舀脖誑靘湧瞍瘣摰敶梢踹惜W啣憭憭抒桀隞乩摯閮嚗雿桀舐亦荔敶梢輻蝯銝芣蝬脰楝銝隡箸剁瞍瘣航賢冽澆蝔桃蝬脰楝閮剖蝯蝡航蝵殷星C嚗喲xndroid璈賡隞亙兢 箇Ⅱ靽雿輻刻鞈摰剁閮鞈銝剖冽迨蝬脰楝蝞∠靘銝W嗾暺蝣箏祕憟賡脩芣!!
; H! y$ T, v, }! @& ~7 \* ^ 1.暻潭烙penSSL Bleeding
* [+ n9 F! Y# e2 l
4 O2 B7 ]+ W$ k6 p% s- OpenSSL Bleeding特SL摰鈭(敶梢輻砍1.0.1 1.0.1f / 1.0.2-beta ~ 1.0.2-beta1)瞍瘣
4 y6 j V% Y7 M# m
- 餅臭誑望迨瞍瘣敺隡箸刻園銝剛 64 KB鞈嚗望瑕閮園銝剖航賢函璈鞈2 T- @8 K. S/ j
( i7 U/ u: R5 x" g# T7 ]
2.OpenSSL Bleeding航賡勗拿 ^+ Y& w& G+ j
- 餅航梁靘鞈嚗脣雿輻刻撣唾撖蝣潦祉勗撖唾撓靽霅瑞鞈
- 雿輻刻頨思遢嚗脰蝔格靘憒摮email批捆鈭斗鞈靽∠典∟蝑% s* @! k, [ H7 K% z: g. O9 D
! Y/ H; p* O" H: N( J 3.撠蝬脩蝞∠撱箄降 - 蝣箄OpenSSL 祆臬血敶梢選瑼X交寞(鈭銝) A. Apache 摰鋆桅銝嚗撠暹 OPENSSL-README.txt嚗嗅扳 OpenSSL 祈閮
8 [, y5 _, ~% ]' aB.雿輻汪inux_Like雿璆剔頂蝯梯臭蝙冽批嗅賭誘 (Shell Prompt)嚗 Apache OpenSSL 摰鋆桅銝銋bin桅嚗瑁隞歹 openssl version 喳舀亥岷暹 OpenSSL 銋祈閮 - 令penSSL砍敶梢踵殷脰砍蝝嚗 A.拍函頂蝯勗蝝隞(ex. apt-get yum)脰OpenSSL砍蝝$ |/ k% b5 s; j1 c
嚗
; y% m. C+ Q, B, M B.OpenSSL摰寧雯蝡銝頛 OpenSSL 1.0.1g隞乩(tarball)蝝 - 芣瑼X葫蝬脩臬血歇摰靽桀儔/ `) [0 o/ W* ~) ~$ z* y( }$ R
典臭蝙其誑銝蝬脩嚗脰瞍瘣瑼X葫雿璆准 A.Heartbleed test http://filippo.io/Heartbleed/ . _% C$ p2 U- F; d# |) ?9 {4 u J
B.LastPass Heartbleed Checker http://lastpass.com/heartbleed/
# d' Z0 ?: _- [9 Z, w5 h, o
+ B% Y. N& l; e- O 4.撠蝬脩閬質撱箄降
: s; @. y6 K- @- g- S- x! |3 O銝砌蝙刻舐⊥閫瘙榴eartbeat瞍瘣憿嚗粹銝虫臭蝙刻餉行鋆蝵桀憿嚗舐雯蝡蝬脰楝憿嚗雿舐箔踹雿鞈憭瘣抬雿 臭誑∪隞乩芣靽霅瑟芣踝 $ j7 d0 ~4 Y; b; c/ H; b4 w
- 靽霅西死嚗鈭閫閬賣heartbeat瞍瘣憿蝬脩嚗芸楛鞈航賣憭瘣押
- 交靘閬瘙雿霈游蝣潘隢靘批遣霅啣瑁
- 閫撖芸楛撣唾臬行舐瘣餃嚗銝餃霈游舫餃萎辣蝑閬撖蝣潦
- 雿輻冽啁脫頠擃
- 銝閬摮銝蝬脩嚗撠文嗥雯https://剔蝬脩0 K- O% Z0 p. }1 i! M
+ e4 V9 h! q T0 z5 \6 u* g& o 5.蝬脩 0 f# E9 X6 ], W+ h* ?
3 N t) }3 z+ ?* k/ g" R# G' J
|
潸” 2015-1-12 10:46:10
嗉
鈭
霈
