Advertisement

05.30.2008 at 07:41AM PDT, ID: 23444742
[x]
Attachment Details

Disabling weak SSL in IIS 6

Asked by SidFishes in Microsoft IIS Web Server

I would like to disable all ciphers below 128bit

I've read http://support.microsoft.com/kb/245030

but I just want to ensure that I'm going to do this right.

I should set create and set dword to 0x0 for the following

HKLMSYSTEM\CurrentControlSet\Control\SecurityProviders\

SCHANNEL\Ciphers\RC4 64/128 Subkey:RC4 64/128
SCHANNEL\Ciphers\RC4 56/128 Subkey:RC4 56/128
SCHANNEL\Ciphers\RC2 56/128 Subkey:RC2 56/128
SCHANNEL\Ciphers\RC2 56/56 Subkey:RC2 56/56
SCHANNEL\Ciphers\RC4 40/128 Subkey:RC4 40/128
SCHANNEL\Ciphers\RC2 40/128 Subkey:RC2 40/128

While I'm there should I disable MD5 hash?



Start Free Trial
[+][-]05.31.2008 at 09:22PM PDT, ID: 21686018

View this solution now by starting your 7-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zone: Microsoft IIS Web Server
Sign Up Now!
Solution Provided By: Dave_Dietz
Participating Experts: 1
Solution Grade: A
 
 
 
Loading Advertisement...
20080716-EE-VQP-32 / EE_QW_EXPERT_20070906