Dog Training for Network Admins: Managing POODLE - CVE-2014-3566

CVE-2014-3566 relates to a flaw found in the handling of padded bytes in SSL 3.0 when using CBC mode for the encryption[3]. The flaw may be exploited to permit a man-in-the-middle (MITM) attack. The attacker may be able to decrypt a selected byte of a cipher text in a limited number (256) of attempts, by repeatedly requesting the victim to send the same data over multiple SSLv3 connections. The vulnerability exists in the protocol itself and not a specific implementation of the protocol e.


Connecting to OpenVPN from a Mac using Tunnelblick

To connect to an OpenVPN server you need an appropriate OpenVPN client installed to establish the SSL link. For Apple Mac OS X systems, TunnelBlick (http://code.google.com/p/tunnelblick/) is a good graphical user interface. At the time of this blog the current latest stable version of TunnelBlick available was 3.2.7. These instructions were executed on an Apple iMac running Mac OS X 10.7.4. As with all other posts on this blog, the purpose of this post is not to provide a tutorial, but instead to document the steps taken, for my own benefit.
