Which cipher suits should i disable to protect from POODLE attack in SSLv3?

0 投票
最新提问 用户: (120 分)

I am using SSLv3. So, can anyone help me which cipher suit should i disble to protect from poodle attack. ?

发表于 用户: (140 分)
Don't use SSLv3! It is widely considered to be broken. Upgrade to TLSv1.2 instead. POODLE specifically targets CBC ciphers - which is most of them in SSLv3. Your main alternative to CBC ciphers in SSLv3 is RC4 which is equally broken and should not be used.
发表于 用户: (2.5k 分)
Please show your code. You should ask a specific question for a particular problem. Since Stack Overflow hides the Close reason from you: "Questions asking us to recommend or find a book, tool, software library, tutorial or other off-site resource are off-topic for Stack Overflow as they tend to attract opinionated answers and spam. Instead, describe the problem and what has been done so far to solve it."
发表于 用户: (2.5k 分)
Here are two easy to find resources: Adam Langley's POODLE attacks on SSLv3 and The POODLE bites again.

登录 或者 注册 后回答这个问题。

欢迎来到 Security Q&A ,有什么不懂的可以尽管在这里提问,你将会收到社区其他成员的回答。