I’m looking for some insight on the POODLE exploit in SSLv3 and what I need to be aware of where MikroTik is concerned.
A couple posible places come to mind right off but there may be others.
First, is Webfig. Will it negotiate SSLv3 and if so, how do I disable it?
Second is when using SSTP VPN tunnels. The MikroTik documentation plainly states that it uses SSLv3 (http://wiki.mikrotik.com/wiki/Manual:Interface/SSTP#Summary) If for some reason POODLE does not apply to this implimentation, please explain as I am aware that it applies to other SSLv3 implimentations including SMTP, POP3 and IMAP.
I don’t think SSLv3 is an issue when using the MikroTik as a proxy server because it only proxies HTTP traffic and not HTTPS. Someone please correct me herer if I’m wrong.
Are there any other places I’m not thinking of that I should be aware of?
I’m sure I’m not the only one that knows enough to ask the questions but not enough to also answer them.