DSM-G600, DNS-3xx and NSA-220 Hack Forum
Unfortunately no one can be told what fun_plug is - you have to see it for yourself.
You are not logged in.
Announcement
IRC Channel #funplug on irc.freenode.org
#1 2014-04-11 19:42:10
- futbol4me
- Member
- Registered: 2010-09-18
- Posts: 11
Update openssh for heartbleed?
Does it make sense to update our machines to plug the openssh heartbleed bug? Or is this something only web administrators have to worry about...
If so, can someone post "newbie" instructions on how to do this?
Thanks!
Offline
#2 2014-04-14 14:11:45
Re: Update openssh for heartbleed?
Openssh is not using openssl heartbeat feature from faulty code so no patching is necessary.
• DSM-G600 - NetBSD hdd-boot - 80GB Samsung SP0802N
• NSA-220 - Gentoo armv5tel 20110121 hdd-boot - 2x 2TB WD WD20EADS
Offline
#3 2014-05-02 08:40:07
- KyleK
- Member
- From: Dresden, Germany
- Registered: 2007-12-05
- Posts: 1178
Re: Update openssh for heartbleed?
I'd say if you run any webserver (like lighttpd) on your NAS and have enabled HTTPS access from outside your local network, then yes you should upgrade openssl to the patched version.
If you only access the NAS locally, via SSH, then it shouldn't be necessary.
Offline
#4 2014-05-03 14:19:35
- Mijzelf
- Member / Developer
- Registered: 2008-07-05
- Posts: 709
Re: Update openssh for heartbleed?
Only version 1.0.1 - 1.0.1f of OpenSSL are affected. FFP uses 1.0.0g and I guess the firmware version is even older, so that should be no problem.
Offline