Raúl Santos
The recent SSLv3 POODLE vulnerability is a tricky one, because there’s no patch and you actually have to do the hardwork yourself. Luckily it’s not hard.
Here are a few resources I found useful:
- Disabling SSLv3 For POODLE, on Linode’s documentation.
- Disabling SSLv3 Support on Servers, by the ZMap folks.
- POODLE Attack and SSLv3 Deployment, also by the ZMap folks.
- How do I patch/workaround SSLv3 POODLE vulnerability (CVE-2014-3566)?, on Ask Ubuntu.
- SSL Server Test, by Qualys SSL Labs.