After I had a phone call just now in another case with the OpenSSL bug, I would like to stress one of the most important points AFTER the fix.
THIS APPLIES NOT ONLY TO KERIO CONNECT, BUT ALSO TO ANY SYSTEM THAT USES OPENSSL WITH THE HEARTBLEED BUG!
After the install of the new OpenSSL version or program with the Heartbleed bug...
1. CHANGE the SSL certificate! For any self-made ones, just create a new one. For an official one, declare the old one invalid and request a new cert.
2. FORCE a password change! And this for every one you have. As a company or reseller, force a change for every user and/or inform the customers about it. The new passwords should be completely different from the old ones. IF someone cracked the data with the bugs, he has usernames and PWs in clear text. Any following attack will try the old PW in all "lazy" combinations. Like PW bla12%23 is now bla12%24
3. CHECK your other tools on the network, not only the server and clients. The OpenSSL module is used in a wide range of software, from Linux PCs (SSH login!), routers, switches, phone systems etc. to many integrated server systems like Kerio, ERP etc.
Or if you have something out on the internet like a webcam. If you are unsure about them and you need access, use a VPN and no port mapping.
Can't stress those points enough ...
[Updated on: Wed, 09 April 2014 12:54]
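Point 2 above can be enforced at the password-change prompt. The following is an added example, not part of the original post or of any Kerio product: a check that rejects a new password that is only a "lazy" variant of the old one. It assumes the change form receives the old password in clear text alongside the new one; the function names, the substitution table and the 0.7 threshold are illustrative choices.

```python
import re
from difflib import SequenceMatcher
from typing import Optional

# Constructed table of common look-alike substitutions, undone before comparing.
LEET = str.maketrans("0134578@$!", "oleastbasi")


def core(pw: str) -> str:
    """Letters only, lowercased: what is left once digits and symbols are dropped."""
    return re.sub(r"[^a-z]", "", pw.lower())


def lazy_variant_reason(old: str, new: str, max_ratio: float = 0.7) -> Optional[str]:
    """Return why `new` is a lazy variant of `old`, or None if it looks unrelated."""
    o, n = old.lower(), new.lower()
    if o == n:
        return "identical apart from letter case"
    # bla12%23 -> bla12%24: the word is unchanged, only the decoration moved.
    if len(core(old)) >= 3 and core(old) == core(new):
        return "same letters, only digits/symbols changed"
    if min(len(o), len(n)) >= 4 and (o in n or n in o):
        return "old password embedded in the new one"
    if n == o[::-1]:
        return "old password reversed"
    # Catch small edits and character swaps such as P@ssw0rd -> Password1.
    ratio = SequenceMatcher(None, o.translate(LEET), n.translate(LEET)).ratio()
    if ratio >= max_ratio:
        return f"too similar after undoing substitutions ({ratio:.2f})"
    return None


if __name__ == "__main__":
    # Constructed sample pairs; the first one is the example given in the post.
    samples = [
        ("bla12%23", "bla12%24"),
        ("P@ssw0rd", "Password1"),
        ("bla12%23", "32%21alb"),
        ("bla12%23", "correct-horse-battery-7"),
    ]
    for old, new in samples:
        verdict = lazy_variant_reason(old, new) or "accepted"
        print(f"{old!r} -> {new!r}: {verdict}")
```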