Is there a way to drop/stop #SSLv3 handshake packets in iptables on routers? #POODLE #Linux #security — Gert van Dijk ⚠️ (@gertvdijk) October 15, 2014 TL;DR: Only do this if you can't change your application/device in your network and you want to kill SSLv3 on network level. Example for logging SSLv3 outbound connections on your host. Run: iptables -I OUTPUT 1 \ -p tcp \! -f --dport 443 \ -m state
![How to take down SSLv3 in your network using iptables firewall? (POODLE)](https://cdn-ak-scissors.b.st-hatena.com/image/square/e6987b4692aba85f0043e93f14ae0d36c503a28e/height=288;version=1;width=512/https%3A%2F%2Fblog.g3rt.nl%2Fimages%2F20141016_tlsv1_wireshark.png)