3 Replies Latest reply on Dec 24, 2014 4:38 AM by sebbie

    How do i determine i am patched for poodle


      Hey Guys,


      I have recently inherited the administration of the our Securemail applainces and just have a few questions. If you could help me answer them that would be great.


      We are running Email Gateway 7.5.4 h960401. I am required to install the Poodle hot fix. I have been doing some research and came accross the document written by Ryan Brady about disabling SSL v3 for the MEG. I checked the configuration of my Securemail for forbidden protocols and it shows that I need to add <Attr name ="1" value=SSLv3"/>. The current config set up is below.


      -<List name="ForbiddenProtocols" type="nstr">

      <Attr name="0" value="SSLv2"/>


      I ran the code on the machine to determine if i am vulnerable


      export hostname=XXXXXXXif echo Q | openssl s_client -connect $(hostname):443 -ssl3 2> /dev/null | grep -v "Cipher.*0000"; then echo "SSLv3 enabled"; else echo "SSLv3 disabled"; fi

      and it showed the following. As u can see it shows my cert when I run it on 10443 (admin port) and says that sslv3 is enabled . But also shows thats ssl v3 is disabled for 443. As im new to all this, should it be disabled for port 10443 as we use that for email quarantine notifications.


      On my secondary appliance I have installed the poodle hot fix. I went into TLS advanced options and set TLS enforcement.



      I checked the config of the secondary securemail appliance and determined sslv3 was disabled.

      I also ran the commands on the appliance and I got the following. Notes the cert details are not shown when run on 10443 but says sslv3 is still enabled.sslv3 also shows as disabled for port 443


      So my questions are:


      Should I be checking port 10443 as I am using it for quarantine notifications? Why is it still showing as enabled for the secondary applaince?

      Am I now patched for poodle on the secondary appliance?


      Sorry for the basic questions. Im new to all of this.