POODLE: Turning off SSLv3 for various servers and clients.

Published: 2014-10-15
Last Updated: 2014-10-15 17:29:16 UTC
by Johannes Ullrich (Version: 1)
3 comment(s)

Before you start: While adjusting your SSL configuration, you should also check for various other SSL related configuration options. A good outline can be found at http://bettercrypto.org as well as at http://ssllabs.com (for web servers in particular)

Here are some configuration directives to turn off SSLv3 support on servers:

Apache: Add -SSLv3 to the "SSLProtocol" line. It should already contain -SSLv2 unless you list specific protocols. 

nginx: list the allowed protocols explicitly in the "ssl_protocols" line and make sure neither SSLv2 nor SSLv3 is among them. For example: ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

Postfix: Disable SSLv3 support in the smtpd_tls_mandatory_protocols configuration line. For example: smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3. Note that this parameter only governs sessions where TLS is mandatory; for opportunistic TLS set smtpd_tls_protocols the same way, and use smtp_tls_protocols / smtp_tls_mandatory_protocols for the outbound (client) side.

Dovecot: similar, disable SSLv2 and SSLv3 in the ssl_protocols line. For example: ssl_protocols = !SSLv2 !SSLv3

HAProxy Server: the bind line that enables ssl should include no-sslv3 (this line also lists the allowed ciphers). With HAProxy 1.5 and later, ssl-default-bind-options no-sslv3 in the global section applies this to every ssl-enabled bind line at once.

puppet: see https://github.com/stephenrjohnson/puppetmodule/commit/1adb73f9a400cb5e91c4ece1c6166fd63004f448 for instructions

For clients, turning off SSLv3 can be a bit more tricky, or just impossible.

Google Chrome: you need to start Google Chrome with the "--ssl-version-min=tls1" option. 

Internet Explorer: You can turn off SSLv3 support in the advanced internet option dialog.

Firefox: check the "security.tls.version.min" setting in about:config and set it to 1. Oddly enough, in our testing, the default setting of 0 will allow SSLv3 connections, but refuses to connect to our SSLv3 only server.

For Microsoft Windows, you can use group policies. For details see Microsoft's advisory: https://technet.microsoft.com/en-us/library/security/3009008.aspx

To test, continue to use our "POODLE Test" page at https://poodletest.com or the Qualys SSLLabs page at https://ssllabs.com
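The test pages above do this check for you; for hosts they cannot reach (internal mail servers, management interfaces), the same check is a few lines of code. The following is an added example, not code from this diary: it sends a raw SSLv3 ClientHello over plain TCP and classifies the first record that comes back. A ServerHello means SSLv3 is still negotiable; an alert (descriptions 40 handshake_failure or 70 protocol_version are the usual ones) means it is off. The cipher list is an assumption chosen so that an SSLv3-capable server is likely to accept at least one suite; the host name, port and the sample replies used in the checks are constructed.

```python
"""Added example: a raw SSLv3 ClientHello probe (constructed here, not the diary's code)."""
import socket
import struct

SSLV3 = 0x0300            # protocol version bytes 03 00
CONTENT_HANDSHAKE = 0x16
CONTENT_ALERT = 0x15
CLIENT_HELLO, SERVER_HELLO = 1, 2

# Assumed cipher list: suites an SSLv3-capable server is likely to accept.
# (IANA values: RC4-SHA, 3DES-SHA, AES128-SHA, AES256-SHA, RC4-MD5)
CIPHER_SUITES = [0x0005, 0x000A, 0x002F, 0x0035, 0x0004]


def build_sslv3_client_hello(client_random: bytes = b"\x00" * 32) -> bytes:
    """One handshake record holding an SSLv3 ClientHello with no extensions.

    Layout: record header (5 bytes) + handshake header (4 bytes) + body, so the
    client_version field lands at offset 9 of the TCP payload, which is exactly
    the field the tcpdump and tshark filters in this diary inspect.
    """
    suites = b"".join(struct.pack("!H", s) for s in CIPHER_SUITES)
    body = (struct.pack("!H", SSLV3)         # client_version = 3.0
            + client_random                  # 32-byte random (fixed here for tests)
            + b"\x00"                        # session_id length = 0
            + struct.pack("!H", len(suites)) + suites
            + b"\x01\x00")                   # one compression method: null
    handshake = bytes([CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return struct.pack("!BHH", CONTENT_HANDSHAKE, SSLV3, len(handshake)) + handshake


def classify_response(data: bytes) -> str:
    """Interpret the first record a server sends back to the SSLv3 ClientHello."""
    if len(data) < 5:
        return "no-response"
    content_type, _record_version, _length = struct.unpack("!BHH", data[:5])
    if content_type == CONTENT_HANDSHAKE and len(data) >= 11 and data[5] == SERVER_HELLO:
        # A server may only answer with a version <= the one offered, so any
        # ServerHello here means SSLv3 is still negotiable.
        negotiated = struct.unpack("!H", data[9:11])[0]
        return "sslv3-enabled" if negotiated == SSLV3 else "unexpected-version-%04x" % negotiated
    if content_type == CONTENT_ALERT and len(data) >= 7:
        # Alert description byte: 40 = handshake_failure, 70 = protocol_version,
        # the usual replies from a server that has SSLv3 turned off.
        return "sslv3-refused-alert-%d" % data[6]
    return "unexpected"


def probe(host: str, port: int = 443, timeout: float = 5.0) -> str:
    """Send the ClientHello to host:port over plain TCP and classify the reply."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_sslv3_client_hello())
        try:
            reply = sock.recv(4096)
        except socket.timeout:
            reply = b""
    return classify_response(reply)


if __name__ == "__main__":
    import sys
    print(probe(sys.argv[1], int(sys.argv[2]) if len(sys.argv) > 2 else 443))
```

This is the same exchange that openssl s_client -connect host:443 -ssl3 performs. It only works against services that start TLS immediately on connect (HTTPS, IMAPS, SMTPS); for STARTTLS ports such as Postfix on 25/587 the plaintext STARTTLS exchange has to happen first, which openssl s_client -starttls smtp handles for you.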

To detect the use of SSLv3, you can try the following filters:

tshark/wireshark display filters: ssl.handshake.version==0x0300 matches any Client Hello or Server Hello carrying version 3.0. A Client Hello with that value only tells you the client offers nothing newer than SSLv3; to see connections that actually negotiated SSLv3, restrict the filter to Server Hellos: ssl.handshake.type==2 && ssl.handshake.version==0x0300

tcpdump filter: (1) accounting for variable TCP header length: 'tcp[((tcp[12]>>4)*4)+9:2]=0x0300'
                (2) assuming TCP header length is 20: 'tcp[29:2]=0x0300'
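Both tcpdump expressions read the two-byte version field of the Client/Server Hello, which sits 9 bytes into the TCP payload (5 bytes of record header plus 4 bytes of handshake header); expression (2) hard-codes the payload start at byte 20 and therefore breaks as soon as the segment carries TCP options such as timestamps. The following added example (not code from this diary) replicates both expressions in Python over constructed TCP segments so the difference can be seen without a capture, and adds the handshake-type check that separates a client merely offering SSLv3 from a server that negotiated it. All packets below are built inline and are not real traffic.

```python
"""Added example: apply the diary's two tcpdump expressions to constructed TCP segments."""
import struct

SSLV3 = 0x0300


def tcp_header_len(segment: bytes) -> int:
    """tcp[12]>>4 is the data offset in 32-bit words; *4 gives the header length in bytes."""
    return (segment[12] >> 4) * 4


def match_variable_header(segment: bytes) -> bool:
    """Filter (1): tcp[((tcp[12]>>4)*4)+9:2]=0x0300 -- follows the real header length."""
    off = tcp_header_len(segment) + 9
    return len(segment) >= off + 2 and struct.unpack("!H", segment[off:off + 2])[0] == SSLV3


def match_fixed_header(segment: bytes) -> bool:
    """Filter (2): tcp[29:2]=0x0300 -- assumes a 20-byte header with no options."""
    return len(segment) >= 31 and struct.unpack("!H", segment[29:31])[0] == SSLV3


def handshake_role(segment: bytes) -> str:
    """Which hello the payload carries: byte 5 of the TLS payload is the handshake type."""
    off = tcp_header_len(segment)
    if len(segment) < off + 6 or segment[off] != 0x16:
        return "not-a-handshake"
    return {1: "client-hello", 2: "server-hello"}.get(segment[off + 5], "other")


# ---- constructed test traffic (not captured from a real host) -------------------

def tcp_segment(payload: bytes, options: bytes = b"") -> bytes:
    """Minimal TCP header: ports/seq/ack are placeholders, only the data offset matters."""
    assert len(options) % 4 == 0, "TCP options are padded to 32-bit words"
    words = 5 + len(options) // 4
    header = struct.pack("!HHIIBBHHH", 443, 50000, 0, 0, words << 4, 0x18, 65535, 0, 0)
    return header + options + payload


def handshake_record(hs_type: int, record_version: int, hello_version: int) -> bytes:
    """Handshake record with only the fields the filters read filled in meaningfully."""
    body = struct.pack("!H", hello_version) + b"\x00" * 32 + b"\x00"  # version, random, sid len
    hs = bytes([hs_type]) + len(body).to_bytes(3, "big") + body
    return struct.pack("!BHH", 0x16, record_version, len(hs)) + hs


# TCP timestamp option (NOP, NOP, kind 8, len 10, 8 bytes of values) = 12 bytes
TIMESTAMP_OPTION = b"\x01\x01\x08\x0a\x11\x22\x33\x44\x55\x66\x77\x88"

SSLV3_SERVER_HELLO = tcp_segment(handshake_record(2, SSLV3, SSLV3))
SSLV3_SERVER_HELLO_WITH_OPTIONS = tcp_segment(handshake_record(2, SSLV3, SSLV3), TIMESTAMP_OPTION)
# A TLS 1.2 ClientHello commonly uses record version 3.1 but hello version 3.3:
# the filters read the hello version, so this must not match.
TLS12_CLIENT_HELLO = tcp_segment(handshake_record(1, 0x0301, 0x0303))


if __name__ == "__main__":
    for name, seg in [("sslv3 server hello", SSLV3_SERVER_HELLO),
                      ("same, with TCP options", SSLV3_SERVER_HELLO_WITH_OPTIONS),
                      ("tls1.2 client hello", TLS12_CLIENT_HELLO)]:
        print(f"{name:24} filter1={match_variable_header(seg)!s:5} "
              f"filter2={match_fixed_header(seg)!s:5} role={handshake_role(seg)}")
```

Running it shows filter (1) and (2) agreeing on the option-less segment, filter (2) missing the same ServerHello once a 12-byte timestamp option is present, and neither firing on the TLS 1.2 ClientHello even though its record-layer version is 3.1. In a capture, prefer expression (1) and pair the hits with the handshake type so that SSLv3-only clients and servers that actually negotiated SSLv3 are counted separately.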

We will also have a special webcast at 3pm ET. For details see

The webcast will probably last 20-30 minutes and summarize the highlights of what we know so far.

Johannes B. Ullrich, Ph.D.
