What process could be exploited with heartbleed? ssh connections? Otherwise I have no https connections to my routers. I don't use OpenVPN.
On the internet folks say that it does not affect ssh.
As far as I know, it only affects the servers which run unpatched OpenSSL (but 0.9.x are unaffected). So, unless you run a server with vulnerable OpenSSL in it, there is nothing to fear. _________________ Asus RT-N16 running Merlin (latest), formerly used Kong 22000++ kingkong-nv32k-broadcom with OTRW2
E4200 V1 running Kong 22000++ kingkong-nv60k-broadcom with OTRW2
2 times Linksys WRT610N V2 converted to E3000 running Kong 22000++ usb-ftp-samba3-dlna-nv60k-broadcom with OTRW2 (bridged with LAN cable)
Joined: 06 Jun 2006 Posts: 6078 Location: Dresden, Germany
Posted: Fri Apr 11, 2014 10:03 Post subject:
https nor ssh is affected in all builds. https uses matrixssl and dropbear uses tomcrypt.
openssl is used for freeradius, openvpn, tor, asterisk
so if you have a small router with 4 mb flash, you arent affected since openssl is not even included. if you use a big router with openvpn, you might be affected if tls is used. next beta builds will fix that issue. _________________ one cigarette costs 2 minutes of your life.
one bottle of beer costs 4 minutes of your life.
one working day costs 8 hours of your life.
DD-WRT supported Concerts @ Bunker Dresden
03.10.2014 - Front 242 / Haujobb / Planet Myer Day