Solved

Deprecated SSL Protocol Usage, Windows 2003 IIS, how to update ?

Posted on 2010-08-13
4
1,156 Views
Last Modified: 2012-06-27
Port scanner are picking up that we're using Deprecated SSL Protocol Usage.

Windows 2003 Server, ALL MS UPDATES are up to date
IIS6 is web server.

How do I update to new SSL ?
0
Comment
Question by:martinmiller40
  • 2
4 Comments
 
LVL 3

Expert Comment

by:jnbkze
ID: 33435322
go to c:\windows\system32\drivers\etc

open the "services" file with Edit or notepad. go down the list and search for the port for this, and change it to what you want it to be...

just ensure that all clients use the same port in the services file, else it wont be able to communicate.
0
 

Author Comment

by:martinmiller40
ID: 33435430
Does not make sense, can you clarify ?

I understand the services file... how is this relevant to a depreciated SSL protocol ?
0
 
LVL 4

Accepted Solution

by:
Zxeses earned 500 total points
ID: 33436019
I think your previous expert saw "protocol" and interpreted it as "port".  SSL is a port-independent conversation that can happen on any port for any service.

David Wagner of UC Berkeley and Bruce Schneier have put out an excellent papaer on SSL version 3 and why the deprecation of 2.0.  http://www.schneier.com/paper-ssl.pdf

Now to disable SSL 2.0 and others, read and follow http://support.microsoft.com/kb/187498 and take SPECIAL note of the opening paragraph as to upgrading to 2008 IIS 7.0 or newer.

You'll also need to disable older ciphers, http://support.microsoft.com/kb/245030
0
 

Author Comment

by:martinmiller40
ID: 33437593
@ Zxeses

Looks like you NAILED the answer, THANK YOU.  


I am using Windows 2003 and IIS 6, are there any other Need-To-Knows with this combo ?

Thx !

Martin
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
Recently, I had the need to build a standalone system to run a point-of-sale system. I’m running this on a low-voltage Atom processor, so I wanted a light-weight operating system, but still needed Windows. I chose to use Microsoft Windows Server 200…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

786 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question