On April 7, the “Heartbleed” bug was announced. It’s a serious flaw in the OpenSSL 1.0 – 1.0.1 code series which affects all applications using it for encryption. In short, it means that anyone who can connect to the server can remotely read the server’s memory – including the SSL certificate secret key, usernames and passwords, and anything else.
With Heartbleed exploit code in the wild, anyone can take advantage of the critical window between public disclosure of the bug and the point at which organizations have patched (or taken offline) their vulnerable systems. So, for almost every organization in the world, three questions come to mind. The first question is “which of my public-facing servers are vulnerable?” The second question is “have I been exploited since this became public?” And the third question is “what have I lost?”
The EndaceProbe™ Network Recorder helps answer all three questions.