<div dir="ltr"><div class="gmail_default" style="font-family:arial,helvetica,sans-serif"><br>I tried the site and command test on same servers and they give different results. site report the server is ok but command test says the server is affected. which one to trust?<br>
<br><br>--<br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif">Lomayani<br></div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Tue, Apr 8, 2014 at 12:15 PM, Phil Regnauld <span dir="ltr"><<a href="mailto:regnauld@nsrc.org" target="_blank">regnauld@nsrc.org</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="">Alan Barrett (apb) writes:<br>
> On Tue, 08 Apr 2014, Phil Regnauld wrote:<br>
> ><a href="http://heartbleed.com" target="_blank">http://heartbleed.com</a><br>
><br>
> Test your server for the CVE-2014-1060 "Heartbleed" bug:<br>
> <<a href="http://filippo.io/Heartbleed/" target="_blank">http://filippo.io/Heartbleed/</a>><br>
<br>
</div> The following should work as well:<br>
<br>
openssl s_client -connect google\.com:443 -tlsextdebug 2>&1| grep 'server extension "heartbeat" (id=15)' || echo safe<br>
<div class="HOEnZb"><div class="h5"><br>
<br>
_______________________________________________<br>
afnog mailing list<br>
<a href="http://afnog.org/mailman/listinfo/afnog" target="_blank">http://afnog.org/mailman/listinfo/afnog</a><br>
</div></div></blockquote></div><br></div>