cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Former Member
Not applicable
Report Inappropriate Content
Message 1 of 8

Today is the HIPS day for OpenSSL Heartbleed bug

Hello all

I wonder if Mcafee HIPS with firewall and IPS enabled provides protection against OpenSSL Heartbleed bug? i hope it does!

7 Replies

Re: Today is the HIPS day for OpenSSL Heartbleed bug

Until someone with product knowledge comes along please see SB10071: https://kc.mcafee.com/corporate/index?page=content&id=SB10071

SafeBoot
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 3 of 8

Re: Today is the HIPS day for OpenSSL Heartbleed bug

We already released signatures for NSP etc - check you are pulling the latest updates.

Former Member
Not applicable
Report Inappropriate Content
Message 4 of 8

Re: Today is the HIPS day for OpenSSL Heartbleed bug

I believe Alhaawi is refering to the endpoint product HIPS not NSP (which is an appliance based solution). HIPS can be deployed and managed via ePO as a software firewall and IPS for workstations and servers.

Former Member
Not applicable
Report Inappropriate Content
Message 5 of 8

Re: Today is the HIPS day for OpenSSL Heartbleed bug

exactly this is what i am asking about if the Mcafee HIPS for desktop and servers is able to prevet the attack using OpenSSL Heartbleed bug? when i asked the question i thought i am in section of endpoint HIPS! thanks moriega

SafeBoot
Reliable Contributor
Reliable Contributor
Report Inappropriate Content
Message 6 of 8

Re: Today is the HIPS day for OpenSSL Heartbleed bug

taking about this internally, but probability is low since this attach does not change anything on the client itself - we don't think it will hit any of the HIPS trigger points - it's all in the network stack. We'll look into it though.

ktankink
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 7 of 8

Re: Today is the HIPS day for OpenSSL Heartbleed bug

OpenSSL TLS DTLS  Heartbeat Extension Packets Information Disclosure
 
MTIS14-056-A

                                                                                                                                                                                                                                                                                                                         

THREAT    IDENTIFIER(S)

  

CVE-2014-0160;    SB10071;Heartbleed

  

   HOST    IPS

  

Out of scope

  

 


ADDITIONAL    INFORMATION

  

McAfee: McAfee Security Bulletin ? OpenSSL Heartbleed    vulnerability patched in McAfee products
   
McAfee Labs: Heartbleed Vulnerability Opens the Door    to SSL Heartbeat Exploits
   
OpenSSL: OpenSSL Security Advisory
   
US-CERT:    Vulnerability Note VU#720951 OpenSSL heartbeat information disclosure
   
The Heartbleed Bug

  

Message was edited by: ktankink on 4/14/14 12:56:41 PM CDT
greatscott
Level 12
Report Inappropriate Content
Message 8 of 8

Re: Today is the HIPS day for OpenSSL Heartbleed bug

if you go to heartbleed.com, and read up on it, they actually state that Host Intrusion Prevention can't reliably prevent it.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community