Emerging Vendor Spotlight: Tenable Facilitates Detection of OpenSSL Heartbleed Vulnerability Using Nessus and Nessus Perimeter Service

The press has been lit up recently over the pernicious “Heartbleed Vulnerability”, which affects websites and web-enabled businesses all over the world. This is an attack against the heartbeat extension of the Transport Layer Security protocols (TLS/DTLS). When it is exploited, it leaks memory contents from the server to the client and from the client to the server. One of the discovering agencies, Codenomicon Defensics, posted in an F.A.Q. that the information they were able to obtain when testing included “secret keys used for our X.509 certificates, user names and passwords, instant messages, emails and business critical documents and communication.” This vulnerability can be detrimental to organizations. There are several websites devoted to detailed analysis, such as http://heartbleed.com, while security vendors are working hard to set up tools to detect these serious threats.

In response to this vulnerability, Tenable Network Security® released detection plugins for this OpenSSL vulnerability on April 8th for our Nessus® family of security scanning solutions.

To facilitate the detection process for its customers, Tenable has provided a new “Heartbleed Detection” Policy Wizard, which is now available for use with Nessus and Nessus Perimeter Service. In a simple two-step process, the wizard creates a policy that performs a remote check for this vulnerability (CVE-2014-0160) on all SSL-detected ports, with three scanning options:
• QUICK – scans known SSL port associations (such as HTTPS, IMAP, LDAP, NNTP, POP3, SMTP, XMPP, SQL);
• NORMAL – scans Nessus default ports (~5000); or
• THOROUGH – scans all 65,535 ports and attempts to negotiate SSL on each.

For more details about the vulnerability, read the article by Tenable’s Ken Bechtel, “Beware of Bleeding Hearts”: http://www.tenable.com/blog/beware-of-bleeding-hearts-updated. Additional details on testing for the Heartbleed vulnerability can be found on the Tenable Discussion Forum.

Contact Rick Olesek at rolesek@tenable.com to become authorized to sell Tenable Network Security solutions and help your customers facilitate easy detection of the OpenSSL Heartbleed vulnerability.


