Jul 30, 2009 9:31 AM PDT Comments: 0 Views: 2,753 Print Comment PC World Security researchers have found some serious flaws in software that uses the SSL (Secure Sockets Layer) encryption protocol used to secure communications on the Internet.

nessus shows SSL Weak cipher suites supported

windows server

regedit

Browse to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers

then right click on DES 56/56 and create new/DWORD Value type in Enabled in the name and for the data value 0x00000000

then do the same for RC2 40/128, RC4 40/128, RC4 56/128

rescan with nessus and you should not see ssl weak cipher suites supported any more.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s