> If anyone is looking to test for systems supporting the heartbeat
> making them potentially vulnerable, you can do it with this script:
> openssl s_client -connect [domain]\.com:443 -tlsextdebug 2>&1| grep
> 'server extension "heartbeat" (id=15)' || echo safe
Note that the openssl install you use to make this test must support the
hearbeat extension, or you'll get a false negative.
De
|