Blog

Login

Call Now 860-294-2444

  • Home
    Home This is where you can find all the blog posts throughout the site.
  • Categories
    Categories Displays a list of categories from this blog.
  • Tags
    Tags Displays a list of tags that have been used in the blog.
  • Login
    Login Login form

Heartbleed Virus :: what you need to know

Posted by on in Uncategorized
  • Font size: Larger Smaller
  • Hits: 2497
  • Subscribe to this entry
  • Print

Our customers have been contacting us with their concerns over this virus.

 

Here are some facts you need to know

 

1) this is a server side issue, your hosting company has to patch their server

2) it has existed for over 2 years, it is not new

3) no website virus scanner will detect it

4) this isn't simply an issue on your personal computer or your phone — it's in the software that powers the services you use.

5) simply changing your passwords will not help

6) the vulnerability leaves no trace

 

 

Here is the simple explaination of how it works.

 

It involves a flaw, a hole, a vulnerability in a server protocol called OpenSSL, the open-source encryption standard used by the majority of websites that need to transmit the data that users want to keep secure.

 

Your site certificate (SSL) keeps the information being transmitted secure by using something called, Encryption. Your SSL needs openSSL to work. Encryption makes the data being sent look like nonsense to anyone but the intended recipient. Occasionally, one computer might want to check that there's still a computer at the end of its secure connection, and it will send out what's known as a heartbeat, a small packet of data that asks for a response.

Because of a programming error in the implementation of OpenSSL, the researchers found that it was possible to send a well-disguised packet of data that looked like one of these heartbeats to trick the computer at the other end into sending data stored in its memory.

 

This is about as simple as I can make it.

 

You need to call your hosting company and make sure your server is patched. Then change your passwords. Replace your site certificate if you can, they can be effected also.

 

There is a website with detailed information

http://heartbleed.com

 

One more importnant issue. The hosters are really going to push to upgrade their server software. Thus, now more then ever, if you dont upgrade your websites, they will go down as they are not compatible with newer server software. If you have not upgraded your websites, DO IT NOW. Better to have it done then to find out your site is suspended and your going to be off line for weeks as your site is being upgraded.

 

I hope everyone makes out ok. Let us know of questions or concerns

 

 

Rate this blog entry:
0

Get A Quote

Get A Quote

Please let us know your name.
Please let us know your email address.
Please let us know your message.
1-1111-111-1111
Invalid Input
Enter the code
  Refresh Invalid Input

Get in Touch and Start a Project with Us

 

Drop us a quick message to the right and let us know what kind of project you are interested in us tackling for you. We hope to hear from you soon!

Quick Quote