cancel
Showing results for 
Search instead for 
Did you mean: 
alhaawi
Level 9

Today is the HIPS day for OpenSSL Heartbleed bug

Hello all

I wonder if Mcafee HIPS with firewall and IPS enabled provides protection against OpenSSL Heartbleed bug? i hope it does!

0 Kudos
7 Replies
exbrit
Level 21

Re: Today is the HIPS day for OpenSSL Heartbleed bug

Until someone with product knowledge comes along please see SB10071: https://kc.mcafee.com/corporate/index?page=content&id=SB10071

0 Kudos
SafeBoot
Level 21

Re: Today is the HIPS day for OpenSSL Heartbleed bug

We already released signatures for NSP etc - check you are pulling the latest updates.

0 Kudos
moriega
Level 10

Re: Today is the HIPS day for OpenSSL Heartbleed bug

I believe Alhaawi is refering to the endpoint product HIPS not NSP (which is an appliance based solution). HIPS can be deployed and managed via ePO as a software firewall and IPS for workstations and servers.

0 Kudos
alhaawi
Level 9

Re: Today is the HIPS day for OpenSSL Heartbleed bug

exactly this is what i am asking about if the Mcafee HIPS for desktop and servers is able to prevet the attack using OpenSSL Heartbleed bug? when i asked the question i thought i am in section of endpoint HIPS! thanks moriega

0 Kudos
SafeBoot
Level 21

Re: Today is the HIPS day for OpenSSL Heartbleed bug

taking about this internally, but probability is low since this attach does not change anything on the client itself - we don't think it will hit any of the HIPS trigger points - it's all in the network stack. We'll look into it though.

0 Kudos
McAfee Employee

Re: Today is the HIPS day for OpenSSL Heartbleed bug

OpenSSL TLS DTLS  Heartbeat Extension Packets Information Disclosure
 
MTIS14-056-A

                                                                                                                                                                                                                                                                                                                         

THREAT    IDENTIFIER(S)

  

CVE-2014-0160;    SB10071;Heartbleed

  

   HOST    IPS

  

Out of scope

  

 


ADDITIONAL    INFORMATION

  

McAfee: McAfee Security Bulletin ? OpenSSL Heartbleed    vulnerability patched in McAfee products
   
McAfee Labs: Heartbleed Vulnerability Opens the Door    to SSL Heartbeat Exploits
   
OpenSSL: OpenSSL Security Advisory
   
US-CERT:    Vulnerability Note VU#720951 OpenSSL heartbeat information disclosure
   
The Heartbleed Bug

  

Message was edited by: ktankink on 4/14/14 12:56:41 PM CDT
0 Kudos
greatscott
Level 12

Re: Today is the HIPS day for OpenSSL Heartbleed bug

if you go to heartbleed.com, and read up on it, they actually state that Host Intrusion Prevention can't reliably prevent it.

0 Kudos