Nibbles & Bits

Reminder – Mind your Poodle (SSL vulnerability)!

by | October 15, 2014

What is this Poodle?
Check out the PDF here

The short version is that SSL 3.0 has some issues that mean that if you value the security of your server hosting an SSL accessible service, then you should disable SSLv3 on any applicable systems that are affected.

Am I Affected?
Go to a command line and type:
s_client -connect $hostname:443 -ssl3

*Obviously – replace $hostname with the actual hostname you want to test

If you get an error – that’s good – that means this vulnerability does not affect that server. If you get a connection/certificate – that’s bad and you should fix it.

How to Fix It:
An article on implementing the fix is available here http://askubuntu.com/questions/537196/how-do-i-patch-workaround-sslv3-poodle-vulnerability-cve-2014-3566

It could be as simple as updating apache ssl conf file, but please reference the article above for your scenario.

“We decided to move our rather complex IP address and DHCP management process to ProVision and it has worked out great for us!! The team at 6connect were very flexible and went above and beyond to accommodate our requirements and helped to make the migration as smooth and hitch free as possible. Kudos to the team @ 6connect!”

Premkumar Subramaniam
Head of R&D
viewquest

You have IPv6!

You’re on IPv4.

Explore ProVision Suite

Resource Controller

DNS/DNSSEC

IPAM

DHCP Controller

Peering Controller

REST API

Talk to one of our Engineers

Do NOT follow this link or you will be banned from the site!