Guide to using Nmap to scan for the Heartbleed bug.


  1. Nmap. The script requires version 6.25 or newer.
    • An easy way to get the latest Nmap release is to use Kali Linux.
    • Binary installers are available for Windows, but are vulnerable to the HeartBleed bug.
    • RPM installer available for Linux, or install from source.
    • .dmg installer available for Mac OS X.
  2. tls.lua. The script requires this Lua library for TLS handshaking.
  3. ssl-heartbleed.nse. This is the script itself.


Locate your Nmap files directory. On Linux, this is usually /usr/share/nmap/ or /usr/local/share/nmap/. On Windows, it’s either C:\Program Files\Nmap\ or C:\Program Files (x86)\Nmap\

Download the tls.lua library and put it in the nselib directory.

Download the ssl-heartbleed.nse script and put it in the scripts directory

Optionally, run nmap --script-updatedb to allow the script to run according to category (not necessary for this example).

Finally, run Nmap. Here are some recommended options to use:

nmap -d --script ssl-heartbleed --script-args vulns.showall -sV X.X.X.X/24

Options summary:

  • -d turns on debugging output, helpful for seeing problems with the script.
  • --script ssl-heartbleed selects the ssl-heartbleed script to run on appropriate ports.
  • --script-args vulns.showall tells the script to output “NOT VULNERABLE” when it does not detect the vulnerability.
  • -sV requests a service version detection scan, which will allow the script to run against unusual ports that support SSL.

Other helpful options:

  • --script-trace shows a packet dump of all script-related traffic, which may show memory dumps from the Heartbleed bug.
  • -p 443 limits the script to port 443, but use caution! Even services like SMTP, FTP, and IMAP can be vulnerable.
  • -oA heartbleed-%y%m%d saves Nmap’s output in 3 formats as heartbleed-20140410.nmapheartbleed-20140410.xml, and heartbleed-20140410.gnmap.


Disable Mac Inline Image Attachments

I’ve found this to be a real annoyance, especially with a business where I have to send images in emails often. by default displays images in-line, and most email clients won’t recognize them as attachments. If you right click (or ctrl click with a one button mouse) on the image you can select to view the image as icon, which makes it behave like a normal attachment. To make this the default behaviour you’ll need to use the Terminal to set the preference. Terminal is in Applications>Utilities. Open Terminal and type:

defaults write DisableInlineAttachmentViewing -bool yes

That will make every attachment you send act like an attachment instead of a pretty unusable decoration.

If you decide this isn’t what you’re looking for, to restore in-line attachment viewing type:

defaults write DisableInlineAttachmentViewing -bool false

Restart Mail and you’re back to normal.


OS X: How to Change Default Application to Open File Type

If you click on a file and the wrong app opens it, you can change the default application to open that file or file type. These are the steps to both change the default app to open one specific file or to change the default app to open all files of one file type.
I frequently work with images on my MPR. Typically I just want to view an image instead of edit it so having Preview as my default app makes sense.

However, some images I know I am going to edit and edit and edit. By changing the default application to photoshop for that file, I can save a bunch of time.

Anyway, here is how to do it for one specific file only first. Below I’ll show you how to change the default application for all files of one file type.

Change Default App for One File:

1. Ctrl-click on the file you want to open
2. Click Open with
3. Select Other

4. Select the applcation you want to open the file
5. Select Always Open With
6. Click Open button

Now that one file will always open with the application you picked.

If you want to change the default app that opens all the files of one particular file type, you can do that too.

Change Default App for All Files of a File Type:

1. Ctrl-click on the file
2. Click Get Info

3. Under Open With pick the app that you want to become the default

4. Click the Change All button
5. Confirm your decision


Using Notepad++ Vertical Selection for Mass Changes

Notepad++ has a really cool feature that I’d like to share with those who haven’t already stumbled onto it. This feature is the ability to select vertically. The typical linear selection found in text editors works most of the time, but occasionally it is necessary to delete, copy or paste a column of text. To use the vertical selection feature, the user simply needs to press the “Alt” key.

One use case for this feature may be to grab some text from a show command, clean it up, and make some mass changes. Only as a demonstration, I’ll use the show interface command, remove unnecessary columns, and shut down the interfaces.

Below is the output of “show interface descriptions” from my home router.

By pressing the “Alt” key as I select text, the behavior of the selection process changes. This allows for a vertical selection.

As expected, pressing “Delete” will remove the text region. I could have also copied the text and pasted it into another area.

As a bonus, I can create mass changes to what is left using find and replace. This feature in Notepad++ is very powerful and is perfect for this type of operation. Doing a regex search for “(.+)”, Notepad++ will find everything up to the “newline” characters. The parenthesis tells it to store the value in “$1″.

By replacing the match with ”interface $1 \r shutdown”, we now have text that we could cut and paste into a console to administratively shut down the interfaces.

This is a very simple example that demonstrates a couple of powerful features. How could you use this in your workflow? What other features in Notepad++ makes your work life easier?

Comment your thoughts below.