I’ve never been a great fan of cloud services, but I was really astonished when I read this article on Skyhigh Networks. It appears that 96% of could services were still vulnerable to HeartBleed, 24 hours after the disclosure of the security breach, although a patch was already available. One should think these could service providers have teams working around the clock to assure your safety….
After my previous post about checking if your site is vulnerable to HeartBleed, I found some interesting Snort rules which make you able to detect if you’re actually being exploited.
In case you - just like me - unplugged your Nagios monitoring box from the network for some time, you will get strange statusses for some services, mentioning they’re OK for more than 300 days for example. You probably want to get rid of this. But how do you get this done?