POODLE Attack: Difference between revisions
Jump to navigation
Jump to search
(Created page with "=Internal= * httpd SSL Configuration =External= * https://community.qualys.com/blogs/securitylabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack * https://scotthe...") |
No edit summary |
||
Line 7: | Line 7: | ||
* https://community.qualys.com/blogs/securitylabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack | * https://community.qualys.com/blogs/securitylabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack | ||
* https://scotthelme.co.uk/sslv3-goes-to-the-dogs-poodle-kills-off-protocol/ | * https://scotthelme.co.uk/sslv3-goes-to-the-dogs-poodle-kills-off-protocol/ | ||
=Disable SSL3 on Apache httpd= | =Disable SSL3 on Apache httpd= |
Revision as of 00:35, 7 January 2016
Internal
External
- https://community.qualys.com/blogs/securitylabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack
- https://scotthelme.co.uk/sslv3-goes-to-the-dogs-poodle-kills-off-protocol/
Disable SSL3 on Apache httpd
To disable SSLv3 on httpd modify the SSLProtocol directive at the top level in ssl.conf:
SSLProtocol All -SSLv2 -SSLv3
This will give you support for TLSv1.0, TLSv1.1 and TLSv1.2, but explicitly removes support for SSLv2 and SSLv3.