Poodle

Disable SSLv3 in Lighttpd to protect against POODLE attack

Protecting against the POODLE attack with Lighttpd is easy by changing its configuration. Disable SSLv2 and SSLv3 to limit the attacks on the SSL protocol.

Summary of Disable SSLv3 in Lighttpd to protect against POODLE attack

Protecting against the POODLE attack The POODLE attack has entered the news a few times now. The issue behind the POODLE attack is serious, as it abuses a weakness in the protocol, not the implementation. This means the only proper fix is abandoning the SSLv3 protocol and use the newer TLS protocols. Disable SSLv2 and SSLv3 Lighttpd commonly has its configuration settings stored in /etc/lighttpd/lighttpd.conf. Open this file and add the following two statements, to disable both protocols:

Read the full article…

Protect Linux systems against SSLv3 Poodle vulnerability

The Poodle vulnerability is discovered in October 2014, putting all systems using SSL 3.0 at risk. We share steps to mitigate this vulnerability on Linux based systems.

Summary of Protect Linux systems against SSLv3 Poodle vulnerability

What is the Poodle vulnerability ? The “Poodle” vulnerability is basicly an attack on the SSL 3.0 protocol. It is discovered in October 2014. The flaw is in the protocol itself (not implementation), which makes the issue applicable for all products using SSL 3.0. TLS 1.0 and later are considered safe against the attack. How does the attack work? While we won’t go into too much depth of encryption and ciphers, we will share some basics.

Read the full article…