POODLE attack - SSL 3
This is a brief explanation what the POODLE attack is and how you can protect your apache httpd server.
What is POODLE?
POODLE is the abbreviation for Padding Oracle On Downgraded Legacy Encryption. But what does that mean? And why do I have to worry about?
If you are running a web server, you probably already set up a certificate for a secure https connection. You can enable or disable various encryption protocols like SSL 3, TLS 1 or TLS 2.The web browser tries to establish a TSL connection with your server. If that fails, a lower TSL version will be used. This can happen multiple times, so the web server and browser fall back to a deprecated SSL protocol (if enabled).
A hacker can start a man-in-the-middle attack by forcing the browser to use the insecure protocol and inserting himself into the session. SSL 3 allows the padding data of each block cipher to be changed. After a few requests, the encryption cipher become uncertain.
This is why you should disable SSL 3 on your web server.
You can check your supported protocols for your domain on https://www.ssllabs.com/ssltest/.
If the result looks similar to the following image, you can visit "How to protect against a POODLE attack" to disable SSL 3.
Please comment below, if you have any questions.
- Post photo by Ilya Pavlov on Unsplash