Solved

PCI Scan and SSLv2

Posted on 2010-09-20
3
1,306 Views
Last Modified: 2013-12-04
I have a SBS2008 server running exchange and OWA. My client is very happy with it and makes a lot of use of OWA.

However he also needs PCI Scans to check whether his network is secure from his credit card processing company. This is a requirement and is essentially a fancy port scan. Unfortunately port 443 and OWA fails the security test. This is because OWA accepts SSLv2 connections, in order to pass the test I must restrict the server to only accept SSLv3 connections.

Anyone already dealt with this, these security scans are pretty commonplace.
0
Comment
Question by:FutureOak
  • 2
3 Comments
 

Author Comment

by:FutureOak
ID: 33717346
Sorry I should have added more info. I have already found the KB article

http://support.microsoft.com/kb/187498

Which talks about it but the settings do not seem to relate to my SBS2008 install. It talks about keys in

HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders \SCHANNEL\Protocols

My server has only one key in there for SSL 2.0. However this is for the client only and the article talks about changing the server entry in the registry.

I think I am in the right area but dont fancy randomly changing regisitry settings that 'look right' on a production server :)
0
 
LVL 35

Accepted Solution

by:
Cris Hanna earned 500 total points
ID: 33722290
0
 

Author Closing Comment

by:FutureOak
ID: 33743724
Spot on, I followed the article, they ran a PCI test last night and the server in question passed, many thanks
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

832 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question