On 11.04.2014 08:28, Koenraad Lelong wrote:
op 10-04-14 12:58, Kevin A. McGrail schreef:
There is also some consideration that you must assume systems were compromised and snooped and change all passwords as well...
I did to change passwords, but is this neccessary, since I'm using stunnel with certs on both sides of the tunnel ? Just to understand this case of openssl a bit more.
Heartbleed allows an attacker to retrieve parts of the server process's virtual memory, with whatever content that may happen to be there. It's IMHO very likely to be highly dynamic data, like the content of ongoing communication the server has with other clients. Nobody seems to have much of an idea how to *control* what data you get so far.
The data *everybody's talking about* as being in danger is the server's private key - which is pretty static, but necessarily present *somewhere* in virtual memory (actually likely to be memlocked into RAM, or so I'd hope) and useful to set up a MitM attack / decoy server.
(Everybody and his dog's *also* referring only to HTTPS, while I'm currently working on IMAPS and OpenVPN servers' keypairs, and giving the suspicion-raised eyebrow to all sorts of STARTTLS-enabled stuff.)
IIUC the yield is limited to ~16kB per (much smaller) keepalive request, but you may issue them at whatever rate your bandwidth and RTT allows, so I'd guess that on low-volume servers, you'd be able to snoop a substantial part of the server's traffic. Maybe with users' passwords and live session cookies if we're talking about a web UI with a <FORM>-based login ...
Regards, J. Bern