Status Blog
Welcome to the official offsite news and network announcements blog for RackSRV Communications. From this blog we will announce any planned maintenance, known service issues, promotions and general industry news so please consider bookmarking or utilising our RSS feed to keep yourself informed!

OpenSSL Heartbleed Bug

    Posted in Industry News on 10/04/2014 @ 09:40

As you have most likely heard a vulnerability within OpenSSL is currently in circulation and may require your attention.

This is really on a per server basis, the majority of servers running CentOS 5 will likely be unaffected due to version of OpenSSL with this bug, users with CentOS 6, specifically CentOS 6.5 may wish to take some action!

The versions of OpenSSL that are affected by this are as follows:-

--OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
--OpenSSL 1.0.1g is NOT vulnerable
--OpenSSL 1.0.0 branch is NOT vulnerable
--OpenSSL 0.9.8 branch is NOT vulnerable

To check your Openssl version, simply type "openssl version", within your servers console, alternatively please use the following tool to check if your vulnerable to this exploit:

http://filippo.io/Heartbleed/

If you find yourself vulnerable, try not to panic, update your openssl via yum or apt-get then make sure to restart any services that may be using this, mail / httpd / cpanel and so on, it may be best to reissue your SSL certificates also.

Please be aware that all of our managed clients that were affected by this were updated in full when the 0day vulnerability was announced.

For further information on this please feel free to view the following pages:-

http://digg.com/2014/heartbleed-explain-bug-openssl
http://www.reddit.com/r/Bitcoin/comments/22gq5e/heartbleed_bug_major_openssl_vulnerability_could/
https://rhn.redhat.com/errata/RHSA-2014-0376.html

If you find that you require server management with your dedicated or virtual server this is something that we provide at a monthly fee if you find you're out of your depth!

Best Regards
Lee Gardiner
Systems Administrator

Recent News
With the migration and upgrade of our primary POP in Kent Science Park completed
We're currently investigating what appears to be a router crash at our primary P
With the relocation of our infrastructure expected to conclude on 27/03/17, the
Knowledgebase Articles