
Tech Short: Let’s test for POODLE or SSLv3

The first thing that came to my mind when reading about POODLE was how I can test for it, followed by what to do to patch/fix it.

So the first thing is to test for the vulnerability. From all I have read so far, you are vulnerable if your servers support SSLv3. I am confident that many of the ones I manage do, so let's test this out.

The first thing I did was log into my Greyhat Test Box, thank you Kali Linux. Note: this could be any Linux distribution; I just wanted to plug those guys and gals.

At the command line we will be using the OpenSSL tools to test by typing the following:

openssl s_client -connect <server>:<port> -ssl3

If this connects, you have SSLv3 enabled; if it fails, you will see:

error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure
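The test above, wrapped in a small script for checking several servers, as an added example that is not part of the original post. It classifies the `openssl s_client` output, including the case where the local OpenSSL build has no SSLv3 support and rejects `-ssl3` before ever contacting the server. The function names, script name and verdict words are made up for this example.

```shell
#!/bin/sh
# Added example: run the post's SSLv3 test against several servers and
# classify each result. Function names and verdict words are illustrative.

# classify_ssl3 STATUS OUTPUT
#   STATUS: exit status of openssl s_client; OUTPUT: its stdout+stderr.
classify_ssl3() {
    case $2 in
        *[Uu]nknown\ option*)
            # Local openssl was built without SSLv3 and rejected -ssl3;
            # this says nothing about the server.
            echo "client-no-ssl3" ;;
        *connect:errno*)
            echo "unreachable" ;;
        *"alert handshake failure"*|*"alert protocol version"*)
            # Server refused the SSLv3 handshake (the error from the post,
            # or the protocol_version alert some servers send instead).
            echo "ssl3-disabled" ;;
        *"Cipher is (NONE)"*)
            # No cipher negotiated and no alert seen: read the output by hand.
            echo "inconclusive" ;;
        *"Cipher is "*)
            # A cipher was negotiated over SSLv3.
            if [ "$1" -eq 0 ]; then echo "ssl3-enabled"; else echo "inconclusive"; fi ;;
        *)
            echo "inconclusive" ;;
    esac
}

# check_ssl3 HOST PORT: run the command from the post, closing stdin so
# s_client exits after the handshake.
check_ssl3() {
    output=$(openssl s_client -connect "$1:$2" -ssl3 </dev/null 2>&1) \
        && status=0 || status=$?
    classify_ssl3 "$status" "$output"
}

# Usage: sh ssl3check.sh host1:443 host2:8443 ...
for target in "$@"; do
    host=${target%:*}
    port=${target##*:}
    printf '%s\t%s\n' "$target" "$(check_ssl3 "$host" "$port")"
done
```

A `client-no-ssl3` verdict means the test has to be rerun from a machine whose OpenSSL still accepts `-ssl3`; it is not evidence that the server is safe.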

So if you run a server, check out the following links:

Microsoft:
https://technet.microsoft.com/library/security/3009008.aspx

Apache:
http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#msie

Tomcat:
http://tomcat.apache.org/tomcat-6.0-doc/apr.html#HTTPS

Nginx:
http://nginx.com/blog/nginx-poodle-ssl/

And for the end users: disable SSL 3.0 in your browser, avoid MITM attacks by using a VPN connection, and always, always use HTTPS.

 
