(Update) We’ve released some great new content over the past few years, visit Cloud Academy’s Training Library for the latest training material.
In a recent post, we discussed what the POODLE Scans Attack is and how to disable it in Amazon AWS ELB and Cloud Front Services. In this article, we will see how to fix the POODLE on Windows Server 2012 R2. The POODLE Scans Attack is a specific vulnerability of SSLV3.0, so to mitigate this attack we need to disable SSLV3.0 completely.
In Windows Server 2012 R2 the SSL/TLS protocols are controlled by flags in the registry settings. So to disable the SSLV3 we need to edit the registry settings. We need to have Administrator privileges to perform this activity.
Before performing the disabling of POODLE Scan Attack on any device, we need to verify whether hosted domain/host is Vulnerable with respect to POODLE or not.
Vulnerable Domain Non vulnerable domai)
If your domain/URL is shown as vulnerable, the following steps will disable SSL3 and fix the vulnerability:
How to fix POODLE on Windows Server 2012 R2
- Login to Windows Server 2012 R2 and open the Registry Editor running it as administrator:
On the Start screen type regedit.exe.
Right-click on regedit.exe and click Run as administrator.
- In the Registry Editor window, go to: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\
- In the navigation tree, right-click on Protocols, and in the pop-up menu, click New > Key and name the key as SSL 3.0
- In the navigation tree, right-click on the new SSL 3.0 key that we have created in the above step, and in the pop-up menu, click New > Key and name the key as Client
- In the navigation tree, right-click again on the SSL 3.0 and in the pop-up menu, click New > Key and name the key as Server
- In the navigation tree, under SSL 3.0, right-click on Client, and in the pop-up menu, click New > DWORD (32-bit) Value
and name the value DisabledByDefault
- In the navigation tree, under SSL 3.0, select Client and then, in the right pane, double-click the DisabledByDefault DWORD value. In the Edit DWORD (32-bit) Value window, in the Value Data box change the value to 1 and then, click OK.
- In the navigation tree, under SSL 3.0, right-click on Server, and in the pop-up menu, click New > DWORD (32-bit) Value and name the value Enabled.
- In the navigation tree, under SSL 3.0, select Server and then, in the right pane, double-click the Enabled DWORD value. In the Edit DWORD (32-bit) Value window, in the Value Data box leave the value at 0 and then, click OK.
- Restart the Windows Server to apply these changes permanently.
After the restart, verify whether your changes have applied successfully by checking your domain again on POODLE Scan Test, and you are done!
Docker Image Security: Get it in Your Sights
For organizations and individuals alike, the adoption of Docker is increasing exponentially with no signs of slowing down. Why is this? Because Docker provides a whole host of features that make it easy to create, deploy, and manage your applications. This useful technology is especiall...
VPN Encryption: How to Find the Best Solution
Each day there are 2.5 quintillion bytes of data created. People in all corners of the earth use the internet all day, every day. When we browse social media, conduct transactions, and search the web, we're leaving behind a digital footprint. Encryption helps you protect the data yo...
Blog Digest: Which Certifications Should I Get?, The 12 Microsoft Azure Certifications, 6 Ways to Prevent a Data Breach, and More
This month, we were excited to announce that Cloud Academy was recognized in the G2 Summer 2020 reports! These reports highlight the top-rated solutions in the industry, as chosen by the source that matters most: customers. We're grateful to have been nominated as a High Performer in se...
6 Ways to Prevent a Data Breach
The cloud is a new territory for the digital world. But with all of its benefits, there also come risks and dangers. If your business depends on the cloud to store data, you’re probably facing a number of problems about how to best secure your data. According to studies, as many as 95 p...
Blog Digest: 5 Reasons to Get AWS Certified, OWASP Top 10, Getting Started with VPCs, Top 10 Soft Skills, and More
Thank you for being a valued member of our community! We recently sent out a short survey to understand what type of content you would like us to add to Cloud Academy, and we want to thank everyone who gave us their input. If you would like to complete the survey, it's not too late. It ...
OWASP Top 10 Vulnerabilities
Over the last few years, more than 10,000 Open Web Application Security Project (OWASP) vulnerabilities have been reported into the Common Vulnerabilities and Exposures (CVE®) database each year. This is a list of common identifiers for publicly known cybersecurity vulnerabilities. Curr...
Blog Digest: AWS Breaking News, Azure DevOps, AWS Study Guide, 8 Ways to Prevent a Ransomware Attack, and More
New articles by topic AWS Azure Data Science Google Cloud Cloud Adoption Platform Updates & New Content Security Women in Tech AWS Breaking News: All AWS Certification Exams Now Available Online As an Advanced AWS Technology Partner, C...
8 Ways to Protect Your Data From a Ransomware Attack
Ransomware attacks have continued to grow both in scope and audacity over the past several years. This type of malware has become one of the biggest cybersecurity threats for enterprises, and experts predict the situation is only going to get worse. The WannaCry ransomware incident o...
Cloud Academy’s Blog Digest: How Do AWS Certifications Increase Your Employability, How to Become a Microsoft Certified Azure Data Engineer, and more
With everything going on right now, it's likely that the only thing you've been reading lately is related to the coronavirus pandemic. It's important to stay informed during these times, but it's also good to jump into something that can take your mind off of the current situation for j...
Azure Security: Best Practices You Need to Know
When it comes to Azure Security best practices, where do you begin? In a lot of ways, Azure is very similar to any other data center. But with that said, Azure can also be very different. Securing Azure can pose many unique challenges. The security of resources hosted in Azure is of the...
Cloud Computing Solutions: 7 Trends for the Future
The world of cloud computing is in a state of flux. Not long ago, the cloud was considered an emerging technology, known only to IT specialists. Today it is a part of everyday life – 96% of businesses use the cloud in one form or another, and this number only looks set to grow. Whether ...
AWS Security Groups: Instance Level Security
Instance security requires that you fully understand AWS security groups, along with patching responsibility, key pairs, and various tenancy options. As a precursor to this post, you should have a thorough understanding of the AWS Shared Responsibility Model before moving onto discussi...