Tenable Facilitates Detection of OpenSSL Heartbleed Vulnerability Using Nessus and Nessus Perimeter Service
The press has been lit up recently over the pernicious “Heartbleed” vulnerability (CVE-2014-0160), affecting websites and web-enabled businesses all over the world. It is a bug in OpenSSL’s implementation of the transport layer security (TLS/DTLS) heartbeat extension, present in OpenSSL 1.0.1 through 1.0.1f and fixed in 1.0.1g: a heartbeat request that claims a larger payload than it actually carries is answered with that many bytes of process memory. When it is exploited it leaks memory contents from the server to the client, and a malicious server can likewise leak memory from a connecting client. Codenomicon, one of the two teams that discovered the bug independently, posted in an F.A.Q. that the information they were able to obtain when testing included “secret keys used for our X.509 certificates, user names and passwords, instant messages, emails and business critical documents and communication.” This vulnerability can be detrimental to organizations. Several websites are devoted to detailed analysis, such as http://heartbleed.com, while security vendors are working hard to release tools that detect this serious threat.
To help customers find affected systems, Tenable Network Security® released detection plugins for this OpenSSL vulnerability on April 8th for the Nessus® family of security scanning solutions. Detection is only the first step: because private keys and credentials may already have been exposed before a host was patched, certificates should be reissued and credentials rotated once the OpenSSL update is in place.
To make the detection process easier for its customers, Tenable has provided a new “Heartbleed Detection” Policy Wizard, now available for use with Nessus and Nessus Perimeter Service. In a simple two-step process, the wizard creates a policy that performs a remote check for this vulnerability (CVE-2014-0160) on every port where SSL/TLS is detected, with a choice of three port scopes:
• QUICK – scans known SSL port associations (such as HTTPS, IMAP, LDAP, NNTP, POP3, SMTP, XMPP, SQL);
• NORMAL – scans Nessus default ports (~5000); or
• THOROUGH – scans all 65,535 TCP ports and attempts to negotiate SSL/TLS on each.
For more detail on the vulnerability, read “Beware of Bleeding Hearts” by Tenable’s Ken Bechtel: http://www.tenable.com/blog/beware-of-bleeding-hearts-updated. Additional details on testing for the Heartbleed vulnerability can be found on the Tenable Discussion Forum.
Contact Rick Olesek at email@example.com to become authorized to sell Tenable Network Security solutions and help your customers detect the OpenSSL Heartbleed vulnerability.