Home Internet POODLE Attack -Definition ,Working , Testing & Precaution Tips For Browser And...

POODLE Attack -Definition ,Working , Testing & Precaution Tips For Browser And Server

0
Poodle-attack- Tectrick
Poodle-attack- Tectrick

What is POODLE attack

The POODLE attack (which stands for “Padding Oracle On Downgraded Legacy Encryption”) is a man-in-the-middle exploit which takes advantage of Internet and security software clients’ fallback to SSL 3.0.

Example

To explain this in simpler terms, if an attacker using a Man-In-The-Middle attack can take control of a router at a public hotspot, they can force your browser to downgrade to SSL 3.0 (an older protocol) instead of using the much more modern TLS (Transport Layer Security), and then exploit a security hole in SSL to hijack your browser sessions. Since this problem is in the protocol, anything that uses SSL is affected.

Risk of Poodle

A POODLE attack is an exploit that takes advantage of the way some browsers deal with encryption.

POODLE can be used to target browser-based communication that relies on the Secure Sockets Layer (SSL) 3.0 protocol for encryption and authentication.

What to do For prevention

The Transport Layer Security (TLS) protocol has largely replaced SSL for secure communication on the Internet, but many browsers will revert to SSL 3.0 when a TLS connection is unavailable.

An attacker who wants to exploit POODLE takes advantage of this by inserting himself into the communication session and forcing the browser to use SSL 3.0.


Since there’s no way to solve the problems with SSL, the only solution is for browser makers and web servers to upgrade everything to remove support for SSL and require only TLS encryption.Disable SSL from your web browser

How to find Your Server is vulnerable for poodle or not ?

To check that SSL 3.0 is disabled on not follow these steps . Go to http://poodlescan.com/. or https://pentest-tools.com/network-vulnerability-scanning/ssl-poodle-scanner Fill your domain name or your host ip address and click on start scan.

Check server for poodle vulnerability
Check server for poodle vulnerability

As show in the upper image google.com scanning shows that google.com disabled ssl 3.0 so is not vulnerable .

What to do?

If you found your webserver is vulnerable then ask your web host to disable ssl 3.0 support on server .

By default SSL 3.0 is disabled

Google and Firefox have already announced that they will be removing support in the future, and while we haven’t (yet) heard the same from Microsoft, it’s extremely easy as an end-user to disable SSL 3.0 in IE.

As a consumer, you can remove support for SSL from your browser using one of the methods outlined below — or if you are using Firefox or Google Chrome and aren’t using hotspots all the time, you could wait for them to update the browser. Or you can make sure that you’ve fixed the problem yourself.