POODLE SSLv3 Vulnerability

What is the POODLE Vulnerability?

On October 14th, 2014, a vulnerability in version 3 of the SSL encryption protocol was disclosed. This vulnerability, dubbed POODLE (Padding Oracle On Downgraded Legacy Encryption), allows an attacker to read information encrypted with this version of the protocol in plain text using a man-in-the-middle attack.

Although SSLv3 is an older version of the protocol which is mainly obsolete, many pieces of software still fall back on SSLv3 if better encryption options are not available. More importantly, it is possible for an attacker to force SSLv3 connections if it is an available alternative for both participants attempting a connection.

How To Disable SSLv3 to protect your server

Nginx Web Server

To disable SSLv3 in the Nginx web server, you can use the ssl_protocols directive. This will be located in the server or http blocks in your configuration.

For instance, on Ubuntu, you can either add this globally to /etc/nginx/nginx.conf inside of the httpblock, or to each server block in the /etc/nginx/sites-enabled directory.

sudo nano /etc/nginx/nginx.conf

To disable SSLv3, your ssl_protocols directive should be set like this:

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

cPanel Server

Navigate to WHM » Service Configuration » Apache Configuration » Include Editor » Pre Main Include 

Code:

SSLProtocol All -SSLv2 -SSLv3
SSLCipherSuite EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+
SSLHonorCipherOrder on

save and then restart the Apache

How to install Maldet

Malware Detect is very easy to install on CentOS, regardless of the control panel you utilize (cPanel/WHM, Directadmin, etc). Maldet also known as Linux Malware Detect virus scanner for Linux.

There is nothing complicated in installation process, but root access to your server is required.

Installation via SSH

cd /usr/local/src/
wget http://www.rfxn.com/downloads/maldetect-current.tar.gz
tar -xzf maldetect-current.tar.gz
cd maldetect-*
sh ./install.sh or sudo sh ./install.sh
maldet --update-ver
maldet --update[/i]

To scan a folder, for example /home you should type maldet -a /home.

 

How to find Serial Number on Linux server

Finding serial number on the Linux Machine is quite simple, you just need to fire the command below.

root@justgeek~]# dmidecode -t 1

You will get the results below.

root@justgeek~]# dmidecode -t 1
System Information
Manufacturer: Dell Inc.
Product Name: PowerEdge 1950
Version: Not Specified
Serial Number: RRRRD4F
UUID: 111356C-7890-104E-8034-C78965432E3153
Wake-up Type: Power Switch
SKU Number: Not Specified
Family: Not Specified