SSL - Security Hole - POODLE attack

TheCry

Customer

Likes Received

781

Points

9,101

Posts

1,547

Gender

Male

Location

Germany

Website

https://github.com/TheCry

Linux Distro

Debian Stretch
Oct 16th 2014
- #1
Hello ;

A new security hole has been found in the SSL layer.

More information can be found here:

http://blog.rimuhosting.com/20…-securing-against-poodle/

http://arstechnica.com/securit…n-again-in-poodle-attack/

https://blog.mozilla.org/secur…k-and-the-end-of-ssl-3-0/

You can check your server through this site:

https://www.ssllabs.com/ssltest/analyze.html

To fix the problem you need to disable the SSLv3

Code

vi /etc/apache2/mods-available/ssl.conf

then, search for the following stanza

Code

SSLProtocol

then, add the option

Code

-SSLv3

To finish, reload apache and everything should be fine

Daily visitors

In the past 24 hours have visited 9 Members Online - Record: 138 Members (Dec 28th 2018)

This site uses cookies. By continuing to browse this site, you are agreeing to our use of cookies. More Details Close

Your browser has JavaScript disabled. If you would like to use all features of this site, it is mandatory to enable JavaScript.