HeartBleed Exposure


Post to Twitter Post to Facebook Post to StumbleUpon

The announcements are starting to trickle out from the bigger players in the industry as to who is patched and who doesn’t use OpenSSL. I came across a nice visual list of some of the biggies.

http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/?utm_cid=mash-com-fb-main-link

There are other lists of tens of thousands of websites  but I find it a bit overwhelming. We’ve created a client facing document for you and it’s in the knoweldgebase at ThirdTier/Helpdesk/Knowledgebase in the SMBKitchen ASP project. It’s free for everyone through the end of this month.

What you really need to know is that 66% of the Internet uses OpenSSL. The list includes GoDaddy which is the biggest provider of SSL certificates, which means you probably can’t trust your certificate and will need to rekey it. GoDaddy recommends  it. Further you need to change your passwords on effected websites and anywhere else that you use that same password but (and here’s the tricky part) you need to not do it until you’ve verified that they are patched.

https://lastpass.com/heartbleed/ is a website checker. Add: portnumber to the end of the URL to check alternative ports other than 443.

Here is what we would say at SMBKitchen ASP:

  • Save yourself first. Get changing those passwords
  • Check with your vendors to see if any products you use were exposed
  • Send your clients an email educating them about Heartbleed
  • Offer your assistance with any website where they have difficulty changing their password
  • Rekey your clients GoDaddy certificate after first telling them why it’s necessary
  • and in general be the great IT consultant they want you to be and provide leadership on this issue

Are you not a member of SMBKitchen ASP? Join up. It’s free through the end of the month. http://www.thirdtier.net/smbkitchen-asp/ Our goal is to help IT firms be more aware, be better consultants and survive in the new era.

—–
Not a Third Tier customer yet? Let me introduce:  We’re Third Tier. We provide advanced Third Tier support for IT Professionals. Come on over, create an account (no charge) and follow our social media locations.
Third Tier Get Support BlogFeed Blog Twitter Twitter Facebook Facebook LinkedIn LinkedIN

Leave a comment

Your email address will not be published. Required fields are marked *

This blog is kept spam free by WP-SpamFree.