Skip to main content

heartbleed centOS6.5

Wondering if NSA already knew about heartbleed and was cracking google and FB and other servers so far.

now that its out people are rushing to fix it and we are also.

I saw a great into to heartbleed at

so if you run this it would tell you what version of openssl nginx is using
ldd `which nginx` | grep ssl => /usr/lib64/ (0x00007f6d0c0cf000) 

and now if you do this it would tell you if you are vulnerable 
strings /usr/lib64/ | grep "^OpenSSL "
OpenSSL 1.0.1e-fips 11 Feb 2013

if you have anything between 1.0.1. and 1.0.1f you are vulnerable, perconna guys have a nice post on same

CentOS has released patch to current stable release and to fix all you need to do is update centOS or recompile nginx and disable heartbleed.

to update centOS  run "sudo yum update openssl" and restart services using openssl like nginx,mysql,apache.

to verify if its fixed run


  1. Good video, even for non tech folks. BTW I also like this comic: Heartbleed Explanation


Post a Comment

Popular posts from this blog

RabbitMQ java clients for beginners

Here is a sample of a consumer and producer example for RabbitMQ. The steps are
Download ErlangDownload Rabbit MQ ServerDownload Rabbit MQ Java client jarsCompile and run the below two class and you are done.
This sample create a Durable Exchange, Queue and a Message. You will have to start the consumer first before you start the for the first time.

For more information on AMQP, Exchanges, Queues, read this excellent tutorial
import com.rabbitmq.client.Connection; import com.rabbitmq.client.Channel; import com.rabbitmq.client.*; public class RabbitMQProducer { public static void main(String []args) throws Exception { ConnectionFactory factory = new ConnectionFactory(); factory.setUsername("guest"); factory.setPassword("guest"); factory.setVirtualHost("/"); factory.setHost(""); factory.setPort(5672); Conne…

Spring query timeout or transaction timeout

If you are using spring to manage transactions then you can specify default transaction timeout using

    <bean id="transactionManager"
        <property name="dataSource" ref="dataSource" />
        <property name="defaultTimeout" value="30" /> <!--30 sec--->             

or you can override the timeout in the annotation

    @Transactional(readOnly = false, timeout=30)

or if you are doing it programatic transactions then you can do

DataSourceTransactionManager transactionManager = new DataSourceTransactionManager(dataSource);

 or you can override the timeout for one particular transaction

TransactionTemplate transactionTemplate = new TransactionTemplate();

Python adding pid file

I have a thumbnail generator that launches multiple processes and the correct way to shut it down is to send kill -HUP to the parent process. To automate I had to write a pid file from python, it was a piece of cake
def writePidFile(): pid = str(os.getpid()) f = open('', 'w') f.write(pid) f.close()