Win a copy of Murach's Python Programming this week in the Jython/Python forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

how to check if a site is currently vulnerable to heartbleed  RSS feed

 
Jeanne Boyarsky
author & internet detective
Sheriff
Posts: 36406
454
Eclipse IDE Java VI Editor
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You should still change your password for a lot of sites. (especially if they reported having the issue and resolving it)

There's a Firefox extension out called Heartbleed extension that tells if sites are currently vulnerable. It shows up as untrusted because Mozilla hasn't vouched for it yet. I found out about it from OWASP - a security organization - so I trust it. (Code is in GitHub if you want to read it.)

And yes, I verified this site shows as Green == Good!
 
margaret gillon
Ranch Hand
Posts: 335
6
Linux Tomcat Server Ubuntu
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This extension is very cool. Thank you, Jeanne!
 
Jan de Boer
Ranch Hand
Posts: 677
6
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Ah, so there is a good site to my bank account being overdrawn at this moment! (Seriously actually, it is.)

Thanks for the advice. I did not know that hearthbleed was that dangerous.
 
Bear Bibeault
Author and ninkuma
Marshal
Posts: 65826
134
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
A cow for helpfulness to the community.
 
Julian West
Ranch Hand
Posts: 91
3
Chrome Java Windows
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Today, my Netcraft extension is flagging this site as vulnerable to Hearbleed. (Certificate is changed but doesn't have a new public key)

cf. http://toolbar.netcraft.com/help/faq/index.html#heartbleed
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!