POODLE attack - SSL 3

Linux Aug 15, 2017

This is a brief explanation what the POODLE attack is and how you can protect your apache httpd server.

What is POODLE?

POODLE is the abbreviation for Padding Oracle On Downgraded Legacy Encryption. But what does that mean? And why do I have to worry about?

If you are running a web server, you probably already set up a certificate for a secure https connection. You can enable or disable various encryption protocols like SSL 3, TLS 1 or TLS 2. The client (e.g. web browser) tries to establish a TLS connection with your server. If that fails, another TLS version will be used. The negotiation could lead to an deprecated SSL protocol.

A malicious client can also force the server to use the insecure protocol and exploit known vulnerabilities. SSL 3 allows the padding data of each block cipher to be changed. After a few requests, the encryption cipher become uncertain.

This is why you should disable SSL 3 on your web server.

You can check your supported protocols for your domain on https://www.ssllabs.com/ssltest/.

If the result looks similar to the following image, you can visit "How to protect against a POODLE attack" to disable SSL 3.

ssllabs result

Credits:

Tags

Stefan

Howdy! I'm Stefan and I am the main author of this blog. If you want know more, you can check out the 'About me' page.

Impressum | Data Privacy Policy | Disclaimer
Copyright: The content is copyrighted and may not be reproduced on other websites without permission.