Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 46
  • Last Modified:

Improve Security on SBS 2011

HI -
We are trying to be more secure so a client can accept credit cards.  The firm that inspects our vulnerabilities produced the following.  I thought i had addressed this in the security section of SBS 2011 but it appears that i did not.  Any, and all, detailed information on how to correct this would be so appreciated.

Thanks
Rich
The SSL-based service running on this host appears to support the use of "weak" ciphers such as:

- Ciphers suites that have key-lengths of less than 128 bits.

- Ciphers suites using anonymous Diffie-Hellman algorithms (no authentication).

- Ciphers suites offering no encryption.

- Ciphers suites using pre-shared keys.

- Ciphers suites using RC4 or MD5.
0
webentpr
Asked:
webentpr
  • 2
  • 2
2 Solutions
 
btanExec ConsultantCommented:
Try running iiscrypto using its best practice. It helps to set the cipher required in baseline to secure the server to use strong cipher. This only set the cipher on the OS and you need to make sure the appl config changes separately, applicable.
https://www.nartac.com/Support/IISCrypto/FAQ

https://www.nartac.com/Blog/post/2013/04/19/IIS-Crypto-Explained.aspx

If server is accessible via Internet, I suggest a self assessment using the ssl lab test. It does a good snapshot on the cipher used.
https://www.ssllabs.com/ssltest/
0
 
pgm554Commented:
0
 
webentprAuthor Commented:
First let me apologize for taking so long to respond.  I will try this - thank you.
0
 
webentprAuthor Commented:
Thanks - everything worked correctly - really appreciate your help.
Rich
0
 
btanExec ConsultantCommented:
As per advised and acknowledged.
0

Featured Post

How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now