Heartbleed - IDP signatures

Frequently Asked Questions
Post Reply
Tomas
Posts: 34
Joined: 15 Sep 2008, 15:57
Location: Clavister HQ - Örnsköldsvik

Heartbleed - IDP signatures

Post by Tomas » 16 Apr 2014, 08:07

This FAQ applies to:
  • Clavister CorePlus and cOS Core, any version.
Question:

How do I use Clavister's IDP to protect against the Heartbleed bug?

Answer:

The IDP database has recently been updated with the following IDP signatures which are related to the Heartbleed bug:
  • 72194 - Heartbleed.OpenSSL.Suspicious.TLS11.Large.Response.ds
    72192 - Heartbleed.OpenSSL.Suspicious.Large.Response.ds
    72195 - Heartbleed.OpenSSL.Suspicious.TLS12.Large.Response.ds
    72193 - Heartbleed.OpenSSL.Suspicious.TLS1.Large.Response.ds
They can be found in the folder IPS / WEB / GENERAL

For more details, look in our IDP Advisory: https://www.clavister.com/advisories/idp/

Post Reply