POODLE attack - SSL 3

Linux Aug 15, 2017

This is a brief explanation what the POODLE attack is and how you can protect your apache httpd server.

What is POODLE?

POODLE  is the abbreviation for Padding Oracle On Downgraded Legacy Encryption. But what does that mean? And why do I have to worry about?

If you are running a web server, you probably already set up a certificate for a secure https connection. You can enable or disable various encryption protocols like SSL 3, TLS 1 or TLS 2.The  web browser tries to establish a TSL connection with your server. If  that fails, a lower TSL version will be used. This can happen multiple  times, so the web server and browser fall back to a deprecated SSL protocol (if enabled).

A hacker can start a man-in-the-middle attack by  forcing the browser to use the insecure protocol and inserting himself  into the session. SSL 3 allows the padding data of each block cipher to be changed. After a few requests, the encryption cipher become uncertain.

This is why you should disable SSL 3 on your web server.

You can check your supported protocols for your domain on https://www.ssllabs.com/ssltest/.

If the result looks similar to the following image, you can visit "How to protect against a POODLE attack" to disable SSL 3.

ssllabs result

Please comment below, if you have any questions.




Howdy! I'm Stefan and I am the main author of this blog. If you want know more, you can check out the 'About me' page.

Impressum | Data Privacy Policy | Disclaimer
Copyright: The content is copyrighted and may not be reproduced on other websites without permission.