Lumifer comments on My Heartbleed learning experience and alternative to poor quality Heartbleed instructions. - Less Wrong

14 Post author: aisarka 15 April 2014 08:15AM

You are viewing a comment permalink. View the original post to see all comments and the full post content.

Article Navigation

Comments (31)

CC Licenced

Comments (31)

Sort By: Best

You are viewing a single comment's thread. Show more comments above.

Comment author: Lumifer 16 April 2014 02:18:08AM * 4 points [-]

If EFF claims that networking logs showed enough detail to confirm Heartbleed exploit attempts going on, then why did Codenomicon's heartbleed.com website claim that the bug doesn't show up in logs?

Because "logs" is a very generic term. You can set up your logging to record varying amount of information -- you can fully log every packet received, or you can log only errors, or you can do something in between.

If you record every packet received, you will be able to see Heartbleed attacks in your logs. However, for obvious reasons, few people do that and very few people do that on a permanent basis.

Lumifer comments on My Heartbleed learning experience and alternative to poor quality Heartbleed instructions. - Less Wrong

Article Navigation

Comments (31)

Nearest Meetups

Virtual Study Room

Recent Comments

Recent Posts

Recent Rationality Quotes

Recent Wiki Edits

Top Contributors, 30 Days

Recent Karma Awards

Comments (31)

Top Contributors, 30 Days

You'll need to login or register to do that

(Don't worry, it only takes a few seconds)

Create

Login