Does PRTG offer a way to monitor for the heartbleed leak?
Created on Apr 14, 2014 11:32:48 AM by
Is it possible to monitor for the Heartbleed leak using PRTG?
Votes:
0
1 Reply
Accepted Answer
Votes:
0
This article applies to PRTG Network Monitor 14 or later, as well as to previous (deprecated) versions
Checking Websites for the Heartbleed Leak
You can use a simple Python script written by Jared Stafford to test your websites for the Heartbleed vulnerability.
Requirements
- (installed) PRTG Network Monitor (you can get a free trial version here)
- (installed) Python 2.7 (see python.org)
- script and wrapper: You can download the script and wrapper here.
Set Up Monitoring for Heartbleed
- Place the script and the wrapper in the \Custom Sensors\EXE subfolder of your PRTG installation.
- Add a new EXE/Script sensor to PRTG.
- Choose the wrapper file as executable.
- As parameter, pass the server name (NOT the URL) to the script.
Note: The path in the wrapper might have to be changed to point to the EXE folder on your system.
You now will get the output VULNERABLE or NOT VULNERABLE as a message for your sensor. The value is either 0 or 1, so you can work with channel limits to define error states.
Important notice: This is only a quick workaround and only port 443 is checked. This is considered an 'ad hoc' sensor and does not come with actual technical support.
Created on Apr 14, 2014 11:36:42 AM by
Last change on Apr 14, 2014 12:55:06 PM by
Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.
Add comment