Protect against poodle attack + enable forward secrecy
To protect agains the poodle attack you need to check your browser.
If you own a website/server you can also help protect others by removing support for SSLv3 and enabling forward secrecy.
Firstly disable SSLv3 or bellow in your browser.
Chrome since v39 has the protocol disabled by default.
For Firefox browse to about:config
and set security.tls.version.min = 1
For IE:
Launch “Internet Options” from the Start Menu
Click the “Advanced” tab
Uncheck “Use SSL 3.0”
Secondly if you have a server simply disable the vulnerable protocols. In case of apache I simply added in my pre_main_global.conf (it includes the code for forward secrecy):
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS"