Heartbleed in murga-linux.com?
Heartbleed in murga-linux.com?
Though everybody is wondering if puppy is affected by the HeartBleed openSSL bug (even if puppy is not the most likely OS for a server ) I was rather wondering if murga-linux.com was vulnerable to the bug.
Test sites showing it as fine now and I guess is not a major site to make the lists, but should we be changing passwords fast or not?
Test sites showing it as fine now and I guess is not a major site to make the lists, but should we be changing passwords fast or not?
== [url=http://www.catb.org/esr/faqs/smart-questions.html]Here is how to solve your[/url] [url=https://www.chiark.greenend.org.uk/~sgtatham/bugs.html]Linux problems fast[/url] ==
considering that forum is running ancient phpbb version I doubt openssl is being bumped to newer versions with bug included either.
But maybe server management is not managed by John but some hosting company. In that case he should mail them.
But maybe server management is not managed by John but some hosting company. In that case he should mail them.
puppy.b0x.me stuff mirrored [url=https://drive.google.com/open?id=0B_Mb589v0iCXNnhSZWRwd3R2UWs]HERE[/url] or [url=http://archive.org/details/Puppy_Linux_puppy.b0x.me_mirror]HERE[/url]
- ThoriumBlvd
- Posts: 159
- Joined: Fri 04 Oct 2013, 09:04
- Location: N.E. USA
As I've never seen an encrypted page here, I doubt murga-linux even supports ssl over http.
And if it does.. WHOOP-DEE-DOO!
http://www.networking4all.com/en/suppor ... ocol=https
https://www.sslshopper.com/ssl-checker. ... -linux.com
Code: Select all
echo ^D | telnet www.murga-linux.com https
http://www.networking4all.com/en/suppor ... ocol=https
https://www.sslshopper.com/ssl-checker. ... -linux.com
The fact that php is old does not necessarily means that the OS is old too, but as correctly pointed out there are no https here. So all the passwords can be sniffed out but at least we are safe from heardbleedFlash wrote:As dejan555 pointed out, our website software is so old that it could not contain the ssl "enhancement" that introduced the Heartbleed flaw.
== [url=http://www.catb.org/esr/faqs/smart-questions.html]Here is how to solve your[/url] [url=https://www.chiark.greenend.org.uk/~sgtatham/bugs.html]Linux problems fast[/url] ==
Yeah, logging to forum works even from dillo xDmavrothal wrote:So all the passwords can be sniffed out but at least we are safe from heardbleed
puppy.b0x.me stuff mirrored [url=https://drive.google.com/open?id=0B_Mb589v0iCXNnhSZWRwd3R2UWs]HERE[/url] or [url=http://archive.org/details/Puppy_Linux_puppy.b0x.me_mirror]HERE[/url]
Now that's different. This forum doesn't use http so we can expect anybody to sniff our passwords just like that. But those https sites come with *expectation* that they are secure. The fact that they are *not*mavrothal wrote:The fact that php is old does not necessarily means that the OS is old too, but as correctly pointed out there are no https here. So all the passwords can be sniffed out but at least we are safe from heardbleed
Fatdog64 forum links: [url=http://murga-linux.com/puppy/viewtopic.php?t=117546]Latest version[/url] | [url=https://cutt.ly/ke8sn5H]Contributed packages[/url] | [url=https://cutt.ly/se8scrb]ISO builder[/url]