POODLE Attack: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 7: | Line 7: | ||
* https://community.qualys.com/blogs/securitylabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack | * https://community.qualys.com/blogs/securitylabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack | ||
* https://scotthelme.co.uk/sslv3-goes-to-the-dogs-poodle-kills-off-protocol/ | * https://scotthelme.co.uk/sslv3-goes-to-the-dogs-poodle-kills-off-protocol/ | ||
=Overview= | |||
=Disable SSL3 on Apache httpd= | =Disable SSL3 on Apache httpd= | ||
Revision as of 00:36, 7 January 2016
Internal
External
- https://community.qualys.com/blogs/securitylabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack
- https://scotthelme.co.uk/sslv3-goes-to-the-dogs-poodle-kills-off-protocol/
Overview
Disable SSL3 on Apache httpd
To disable SSLv3 on httpd modify the SSLProtocol directive at the top level in ssl.conf:
SSLProtocol All -SSLv2 -SSLv3
This will give you support for TLSv1.0, TLSv1.1 and TLSv1.2, but explicitly removes support for SSLv2 and SSLv3.