Am 10. Apr, 2014 schwätzte David Blank-Edelman so:
moin moin,
evidence of Heartbleed attack in November doesn't reduce the scope for
me...
It does ratchet up the chants of "change all the passwords".
:)
Any recommendations for the desktop?
I'm giving a presentation tonight and would rather not miss something
really important :).
. security update personal devices ( computers, phones, tablets )
. verify sites are no longer vulnerable
. change all the passwords
.. log out of site, delete cookies and flashcookies; log in; change
passwd; change any other credentials used for authentication ( PIN,
security questions, etc )
. verify account hasn't been modified
.. make sure there isn't a new address, phone number, email address, etc
aasociated with the account
Anything else?
This month is a quick presentation on dealing with Heartbleed fallout from
an end user perspective.
Next month will be my online security, privacy and password management
talk where I give more in depth coverage of the topic.
ciao,
der.hans
On Apr 10, 2014, at 1:24 PM, Phil Pennock <lopsa-t...@spodhuis.org> wrote:
Someone looking at their packet capsure logs showing scans in March
2014:
http://www.seacat.mobi/blog/heartbleed
Followup to that one on EFFs site:
https://www.eff.org/deeplinks/2014/04/wild-heart-were-intelligence-agencies-using-heartbleed-november-2013
— dNb
--
# http://www.LuftHans.com/ http://www.LuftHans.com/Classes/
# Don't step in front of speeding cars, don't eat explosives
# and don't use m$ LookOut :). - der.hans
_______________________________________________
Tech mailing list
Tech@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech
This list provided by the League of Professional System Administrators
http://lopsa.org/
