Solidot: Heartbleed漏洞会暴露OpenVPN私钥

Solidot

奇客的资讯，重要的东西

Heartbleed漏洞会暴露OpenVPN私钥
http://solidot.org.feedsportal.com/c/33236/f/556826/s/3977e276/sc/21/l/0L0Ssolidot0Borg0Cstory0Dsid0F39183/story01.htm
Apr 17th 2014, 11:27

Heartbleed漏洞会影响运行OpenVPN的VPN供应商。OpenVPN是一种开源的VPN软件，开发者已经发出警告，OpenSSL的Heartbleed漏洞可能会暴露VPN的加密私钥，OpenVPN默认使用的加密库就是OpenSSL。一家瑞典VPN服务的管理员Fredrik Strömberg在一台测试服务器上演示了Heartbleed攻击。他指出，从 OpenVPN服务器上窃取私钥要比从Web服务器上窃取私钥难度更大，因为OpenVPN流量封装在OpenVPN特定容器的加密HTTPS流量中，要窃取私钥需要先将OpenVPN数据包中的TLS数据分离开来。This entry passed through the Full-Text RSS service — if this is your content and you're reading it on someone else's site, please read the FAQ at fivefilters.org/content-only/faq.php#publishers.



You are receiving this email because you subscribed to this feed at https://blogtrottr.com

If you no longer wish to receive these emails, you can unsubscribe here:
https://blogtrottr.com/unsubscribe/cz0/jPbdSR