Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

PCI Scan and SSLv2

Posted on 2010-09-20
3
Medium Priority
?
1,328 Views
Last Modified: 2013-12-04
I have a SBS2008 server running exchange and OWA. My client is very happy with it and makes a lot of use of OWA.

However he also needs PCI Scans to check whether his network is secure from his credit card processing company. This is a requirement and is essentially a fancy port scan. Unfortunately port 443 and OWA fails the security test. This is because OWA accepts SSLv2 connections, in order to pass the test I must restrict the server to only accept SSLv3 connections.

Anyone already dealt with this, these security scans are pretty commonplace.
0
Comment
Question by:FutureOak
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 

Author Comment

by:FutureOak
ID: 33717346
Sorry I should have added more info. I have already found the KB article

http://support.microsoft.com/kb/187498

Which talks about it but the settings do not seem to relate to my SBS2008 install. It talks about keys in

HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders \SCHANNEL\Protocols

My server has only one key in there for SSL 2.0. However this is for the client only and the article talks about changing the server entry in the registry.

I think I am in the right area but dont fancy randomly changing regisitry settings that 'look right' on a production server :)
0
 
LVL 35

Accepted Solution

by:
Cris Hanna earned 2000 total points
ID: 33722290
0
 

Author Closing Comment

by:FutureOak
ID: 33743724
Spot on, I followed the article, they ran a PCI test last night and the server in question passed, many thanks
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are times when we need to generate a report on the inbox rules, where users have set up forwarding externally in their mailbox. In this article, I will be sharing a script I wrote to generate the report in CSV format.
New style of hardware planning for Microsoft Exchange server.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…
Suggested Courses

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question