Page 1 of 1

Heartbleed - IDP signatures

Posted: 16 Apr 2014, 08:07
by Tomas
This FAQ applies to:
  • Clavister CorePlus and cOS Core, any version.

How do I use Clavister's IDP to protect against the Heartbleed bug?


The IDP database has recently been updated with the following IDP signatures which are related to the Heartbleed bug:
  • 72194 - Heartbleed.OpenSSL.Suspicious.TLS11.Large.Response.ds
    72192 - Heartbleed.OpenSSL.Suspicious.Large.Response.ds
    72195 - Heartbleed.OpenSSL.Suspicious.TLS12.Large.Response.ds
    72193 - Heartbleed.OpenSSL.Suspicious.TLS1.Large.Response.ds
They can be found in the folder IPS / WEB / GENERAL

For more details, look in our IDP Advisory: