Adtran
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Anonymous
Not applicable
‎04-10-2014 07:55 AM

Adtran Netvanta products affected by Heartbleed?

Jump to solution

Can anyone disclose if and which Adtran Netvanta products are affected by Heartbleed?

I would like to prepare for when our customers start calling.

Tags (2)
Reply
1 Solution

Accepted Solutions
Anonymous
Not applicable
‎04-11-2014 01:38 PM

Re: Adtran Netvanta products affected by Heartbleed?

Jump to solution

You can find out more information in regards to Adtran products affected by heartbleed through the recent ADTRAN Heartbleed Advisory.

General security advisories are also posted on our support community in the section.

View solution in original post

Reply
4 Replies
jayh
Honored Contributor
Honored Contributor
‎04-10-2014 12:58 PM

Re: Adtran Netvanta products affected by Heartbleed?

Jump to solution

You can test for this yourself, nothing here the bad guys don't already have: 

TCP Filter data needed to spot heartbleed:

Detect successful #heartbleed attacks with tshark:

tshark -i eth0 -R "ssl.record.content_type eq 24 and not ssl.heartbeat_message.type"

SNORT rules necessary to spot heartbleed:

http://blog.fox-it.com/2014/04/08/openssl-heartbleed-bug-live-blog/

NMAP NSE Script/Thread for mass scanning/detecting:

http://seclists.org/nmap-dev/2014/q2/22

Metasploit Module for it:

github.com/rapid7/metasploit-framework/pull/3206/files


Manual tool for validating:

http://gobuild.io/download/github.com/titanous/heartbleeder

Python based mass scanning tool:

http://www.garage4hackers.com/entry.php?b=2551

Accept as Solution Reply
jayh
Honored Contributor
Honored Contributor
‎04-10-2014 01:04 PM

Re: Adtran Netvanta products affected by Heartbleed?

Jump to solution

More general info here:  Heartbleed Bug

0 Kudos
Accept as Solution Reply
Anonymous
Not applicable
‎04-10-2014 03:05 PM

Re: Adtran Netvanta products affected by Heartbleed?

Jump to solution

Thanks for that variety of tools, jayh!  We used the NMAP script to confirm that vWLAN ver 2.4.0.12 is vulnerable.  AOS-based products appear to be fine.  Just checked my email alert subscription for Bluesocket firmware updates!  I'm not sure about UC/voice products or any other of ADTRAN's many lines.

Perhaps it would be safest to block TCP 443 from the outside if you run vWLAN until it's patched.  Management would be isolated to administrators local to the controller to mitigate the issue in the short term.

CJ

0 Kudos
Accept as Solution Reply
Anonymous
Not applicable
‎04-11-2014 01:38 PM

Re: Adtran Netvanta products affected by Heartbleed?

Jump to solution

You can find out more information in regards to Adtran products affected by heartbleed through the recent ADTRAN Heartbleed Advisory.

General security advisories are also posted on our support community in the section.

Reply