Problem

Due to the recent outburst of the HeartBleed virus, all of our customers received  notifications from webhost and we got bombarded with questions like are we safe ?..if not what can we do to be safe ?

Actions

We also did not have much idea except that its affecting Open SSL. and quite frankly I do not even know if we are using open SSL on our web servers or any other server.

We mostly have only windows server. Its evident every where that this virus is only affecting version above Open SSL 1.0.1, If we have any thing before that then we are OK 🙂 .

We tried to find out the version of OpenSSL on our windows servers and found the command provided on alot of websites do not even work. ie “OpenSSL version”

Tried OpenSSL /? , its also unrecognised command..ohh..why is that ?

Researched further to find that probably my Cygwin install is not done correctly, But I do not remember installing Cygwin on my windows servers.

PS: Cygwin is a collection of Linux commands which one install on windows in order to install programs which would other wise can only be installed on Linux/unix servers.

So If I do not even have OpenSSL installed on my server then I should not be affected right ?

I researched further to find a technet article confirming my believes.

http://blogs.technet.com/b/erezs_iis_blog/archive/2014/04/09/information-about-heartbleed-and-iis.aspx

Per this article, Every webserver has its own SSL standard. Linux uses something called as OpenSSL which is affected by this virus.  However Microsoft has its own SSL which is called as “Secure Channel”.

So the Crux of the Matter is that , If you have not installed OpenSSL,Cygwin etc on your windows server specifically then you need not to worry about this virus.. 🙂 Yepee

Resolution

If you have not installed OpenSSL,Cygwin etc on your windows server specifically then you need not to worry about this virus.. 🙂 Yepee

 

 

 

The following two tabs change content below.
An automobile enthusiast at heart and computer geek by profession, started my Career with MS in 2005.Left Jobs and started Pledge Technologies (the parent company to Grishbi) back in 2009.We have been providing IT consulting to various Small and Medium businesses across US and UK since then.Our company specialises in Microsoft Server technologies like AD, Exchange, the rest and with numerous Office 365 migrations under our belt, we quite an expert with that too. Whatever we learn in our day to day life, we share it back on Grishbi as a Thank for all the love and support our customers have given us.
%d bloggers like this: