Jul 31, 2017
It has been quite a while since my original blog was published (Poodle or Terrier - Are Your Systems Safe back in June 2015) but it is sad to see there are still people using outdated browsers and applications, and still being caught by the POODLE man-in-the-middle-attack. It is particularly distressing as the “fix” is relatively simple – KEEP YOUR PC’s UP-TO-DATE with the latest patches and updates, or at the very least change the settings on your browser(s) so that it/they are not able to use SSLv3, and stop accessing applications that still use SSLv3. As mentioned in my previous article, if you are using the latest and updated browsers (such as Edge, Chrome, Safari and Firefox etc.), they are now all configured not to use SSLv3 anymore by default, but it is always wise to double-check, and please make sure that any applications you or your organization are using are configured NOT to use SSL 3.0 (and preferably not TLS 1.0 and 1.1 nowadays as well!)
If you would like more information on the training we offer around system security visit our website.
In addition, it has been recently pointed out that at least one of the links I gave above to re-configure the browsers, particularly for the Ubuntu and Mac servers etc. are out of date and broken, so here are a couple of updated links:
A website called disablessl3.com/ which gives a rundown on why we need to disable the SSLv3 protocol, and instructions on how to configure all the current browsers, as well as a number of web server and mail server applications such as IIS, Apache, Nginx, Lighttpd, Sendmail and Postfix etc., and even Java, OpenVPN, Puppet and other application configuration changes.
- Stephen Cooper has written an excellent article entitled The POODLE Exploit and How To Defeat It for the BestVPN website. Stephen’s blog goes into more detail on the SSLv3 vulnerabilities, and also includes step by step instructions on how to configure the current range of browsers, including screenshots.