Re: Disabling SSL version 2 protocol and 40-bit and 56 bit ciphers
From: Bernard (qbernard_at_hotmail.com.discuss)
Date: 12/24/03
- Previous message: Bernard: "Re: IIS and OWA"
- In reply to: Matt: "Disabling SSL version 2 protocol and 40-bit and 56 bit ciphers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 24 Dec 2003 11:25:58 +0800
Haven't tested this one, you can try -
How to Restrict the Use of Certain Cryptographic Algorithms and Protocols in
Schannel.dll
http://support.microsoft.com/?id=245030
-- Regards, Bernard Cheah http://support.microsoft.com/ Please respond to newsgroups only ... "Matt" <anonymous@discussions.microsoft.com> дÈëÏûÏ¢ news:05ECEC0A-DA8E-43D0-B3FA-ED0D5FAEF660@microsoft.com... > I recently had a security audit on one of my web sites running IIS 5. Two issues were highlighted surrounding SSL: > > 1. the server supports 40-bit and 56 bit ciphers > 2. the SSL version 2 protocol is supported. > > I've been asked to investigate whether we can configure the server so that these ciphers are disabled and that only SSL version 3 and TLS are the only supported protocols. I can't see these options in the IIS management console. Is this configuration available in IIS? If not is there any way of implementing this? Do I need to upgrade to IIS 6? > > m@
- Previous message: Bernard: "Re: IIS and OWA"
- In reply to: Matt: "Disabling SSL version 2 protocol and 40-bit and 56 bit ciphers"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
