Beware of the POODLE SSL 3.0 Vulnerability

This post may be a little bit late, however, I feel it pertinent to inform you all of a vulnerability that was discovered about year ago. To protect yourselves, it would be best to disable SSL 3.0 which is a technology that is nearly 18 years old. More info can be found here: http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html

Instructions on how to disable SSL 3.0 is listed below:

FIREFOX (https://support.mozilla.org/en-US/questions/967266)

Current Firefox no longer have a user interface setting to disable TLS or SSL3, but you can make the change on the about:config page. Future Firefox versions will support higher TLS versions (1.1 and 1.2) and both SSL3 and TLS 1.0 are enabled by default.
You can set the security.tls.version.min and security.tls.version.max prefs to 0 to disable TLS (0 means SSL3)

See also:

0 means SSL 3.0, 1 means TLS 1.0, 2 means TLS 1.1, etc.

GOOGLE CHROME

In Advanced setting, Network>Change Proxy Settings, Advanced tab, uncheck “Use SSL 3.0”. Default is unchecked.

IE 9.

Internet option, advanced tab, uncheck use SSL 3.0

Remain protected,

The Nerds in Black

Advertisements