Solved

Weak SSL Ciphers & Insecure Version of SSL Protocol Accepted

Posted on 2007-11-30
2
4,831 Views
Last Modified: 2012-06-27
On a Windows 2000 server web server i need to be able to perform the following actions.

The SSL configuration should be changed so that connections using weak (that is, less than 128-bit) encryption ciphers are rejected.

And

The SSL configuration on the listed hosts should be changed so that SSL connections using the insecure version 2 protocol are not accepted.


0
Comment
Question by:Cooker4246
2 Comments
 
LVL 37

Accepted Solution

by:
meverest earned 125 total points
ID: 20385482
On directory security tab, click 'edit' in 'secure connections', check 'require ssl' and 'require 128 bit'

Cheers.
0
 
LVL 34

Assisted Solution

by:Dave_Dietz
Dave_Dietz earned 125 total points
ID: 20409216
For the second part of your question please see the following KB article:

How to Restrict the Use of Certain Cryptographic Algorithms and Protocols in Schannel.dll
http://support.microsoft.com/kb/245030/en-us

And to a lesser extent:

How to control the ciphers for SSL and TLS
http://support.microsoft.com/kb/216482/en-us

Dave Dietz
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

So you need a certificate so you can offer SSL encryption.  But which one should you get?  There are so many choices out there! Here is a generic overview of the main types of SSL certificates sold by the majority of commercial Certification Auth…
As tax season makes its return, so does the increase in cyber crime and tax refund phishing that comes with it
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

685 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question