|
|
|
|
|
|
by kyrra
4446 days ago
|
|
|
VRT (people who maintain a ruleset for Snort) published free rules for detecting Heartbleed attempts. If you read their blog post about it[0] (and the comments), the first 5 bytes of all the Heartbeat messages are unencrypted and you are able to detect the lookup within those first 5 bytes. [0] http://vrt-blog.snort.org/2014/04/heartbleed-memory-disclosu... |
|
|