[openssl-dev] Nesses shows poodle
Salz, Rich
rsalz at akamai.com
Wed Feb 11 15:41:53 UTC 2015
Without knowing ANY details about how the Nessus POODLE scan works, it is hard to say. If you have a recent version of OpenSSL installed, then you are protected from Poodle, regardless of what the scan claims.
If you want to check if you have completely disabled SSLv3, try this:
openssl s_client -connect $HOSTNAME:443 -ssl3
--
Principal Security Engineer, Akamai Technologies
IM: rsalz at jabber.me<mailto:rsalz at jabber.me> Twitter: RichSalz
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150211/c8160033/attachment-0001.html>
More information about the openssl-dev
mailing list