?
Solved

Deprecated SSL Protocol Usage, Windows 2003 IIS, how to update ?

Posted on 2010-08-13
4
Medium Priority
?
1,165 Views
Last Modified: 2012-06-27
Port scanner are picking up that we're using Deprecated SSL Protocol Usage.

Windows 2003 Server, ALL MS UPDATES are up to date
IIS6 is web server.

How do I update to new SSL ?
0
Comment
Question by:martinmiller40
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 3

Expert Comment

by:jnbkze
ID: 33435322
go to c:\windows\system32\drivers\etc

open the "services" file with Edit or notepad. go down the list and search for the port for this, and change it to what you want it to be...

just ensure that all clients use the same port in the services file, else it wont be able to communicate.
0
 

Author Comment

by:martinmiller40
ID: 33435430
Does not make sense, can you clarify ?

I understand the services file... how is this relevant to a depreciated SSL protocol ?
0
 
LVL 4

Accepted Solution

by:
Zxeses earned 2000 total points
ID: 33436019
I think your previous expert saw "protocol" and interpreted it as "port".  SSL is a port-independent conversation that can happen on any port for any service.

David Wagner of UC Berkeley and Bruce Schneier have put out an excellent papaer on SSL version 3 and why the deprecation of 2.0.  http://www.schneier.com/paper-ssl.pdf

Now to disable SSL 2.0 and others, read and follow http://support.microsoft.com/kb/187498 and take SPECIAL note of the opening paragraph as to upgrading to 2008 IIS 7.0 or newer.

You'll also need to disable older ciphers, http://support.microsoft.com/kb/245030
0
 

Author Comment

by:martinmiller40
ID: 33437593
@ Zxeses

Looks like you NAILED the answer, THANK YOU.  


I am using Windows 2003 and IIS 6, are there any other Need-To-Knows with this combo ?

Thx !

Martin
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question