First thing that came to my mind when reading about POODLE was how can I test, followed by what to do to patch/fix this.

So the first thing is to test for the vulnerability. And from all I have read so far is that you are vulnerable if your servers support SSLv3. I am confident that many of the ones I manage do; so lets test this out.

First thing I did was log into my Greyhat Test Box, thank you Kali Linux. Note: this could be any Linux distribution I just wanted to plug those guys/and/gals.

At the command line we will be using the OpenSSL tools to test by typing the following:

If this connects you have SSLv3 enabled, if it failed then you will see:

So if you run a server check out the following links:

Microsoft:
https://technet.microsoft.com/library/security/3009008.aspx

Apache:
http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#msie

Tomcat:
http://tomcat.apache.org/tomcat-6.0-doc/apr.html#HTTPS

Nginx:
http://nginx.com/blog/nginx-poodle-ssl/

And for the end users, disable SSL 3.0 in your browser, avoid MITM attack by using a VPN connection and always, always use HTTPS.