Guest Andy W
Posted November 13, 2007

Hello Everyone,

Our servers were scanned for vulnerabilities. One thing that came up with web servers that had certificates on them was SSL V2 being enabled, which is a vulnerability. KB 187498 was referenced to disable SSL V2.

Seems straightforward enough except for one part.

Below I've pasted the section where I get confused.

"Microsoft Windows NT Server stores information about different security-enhanced channel protocols that Windows NT Server supports. This information is stored in the following registry key:

HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols

Typically, this key contains the following subkeys:

. PCT 1.0
. SSL 2.0
. SSL 3.0
. TLS 1.0

Each key holds information about the protocol for the key. Any one of these protocols can be disabled at the server. To do this, you create a new DWORD value in the server subkey of the protocol. You set the DWORD value to "00 00 00 00."

To disable SSL 2.0, I need to create a new DWORD value in the subkey. However, I have one question: what is the name of the DWord? Can it be the default name, which would be "New Value #1"????

Thank you in advance.

Guest Bob G
Posted November 18, 2007

RE: SSL 2.0 Vulnerability

"Andy W" wrote:

> Hello Everyone,
>
> Our servers were scanned for vulnerabilities. One thing that came up with
> web servers that had certificates on them was SSL V2 being enabled, which is
> a vulnerability. KB 187498 was referenced to disable SSL V2.
>
> Seems straightforward enough except for one part.
>
> Below I've pasted the section where I get confused.
>
> "Microsoft Windows NT Server stores information about different
> security-enhanced channel protocols that Windows NT Server supports. This
> information is stored in the following registry key:
>
> HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols
>
> Typically, this key contains the following subkeys:
>
> . PCT 1.0
> . SSL 2.0
> . SSL 3.0
> . TLS 1.0
>
> Each key holds information about the protocol for the key. Any one of these
> protocols can be disabled at the server. To do this, you create a new DWORD
> value in the server subkey of the protocol. You set the DWORD value to "00
> 00 00 00."
>
> To disable SSL 2.0, I need to create a new DWORD value in the subkey.
> However, I have one question: what is the name of the DWord? Can it be the
> default name, which would be "New Value #1"????
>
> Thank you in advance.

I'm looking to do something similar - but in our case we have ISA2006 servers facing the internet - I've been reading KB 245030. Complex stuff!

Anyway - if you look a bit further down the KB you quoted (which could have been clearer, I agree), you'll see that it says you should create a DWORD named "Enabled" and set it to 0.
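
The registry change discussed in this thread, as an added example that is not part of the original posts or of the KB article: a PowerShell sketch that reports what each protocol's Server subkey contains and then sets the DWORD named "Enabled" to 0 for SSL 2.0. The function names are hypothetical, and it assumes an elevated PowerShell session on the server.

```powershell
# Added example (not from the thread). Run from an elevated PowerShell session.
# Function names below are illustrative only.
$ProtocolsKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols'

function Get-SchannelServerState {
    # For every protocol subkey, show the "Enabled" value of its Server subkey
    # and any other value names found there.
    foreach ($proto in Get-ChildItem -Path $ProtocolsKey -ErrorAction SilentlyContinue) {
        $names   = @()
        $enabled = $null
        $server  = $proto.OpenSubKey('Server')   # $null when the subkey does not exist
        if ($server) {
            $names = @($server.GetValueNames())
            if ($names -contains 'Enabled') { $enabled = $server.GetValue('Enabled') }
            $server.Close()
        }
        [pscustomobject]@{
            Protocol    = $proto.PSChildName
            ServerKey   = [bool]$server
            Enabled     = if ($null -eq $enabled) { '(not set)' } else { $enabled }
            # A value left with a default name such as "New Value #1" is listed
            # here; it is not the value named "Enabled" that the KB calls for.
            OtherValues = ($names | Where-Object { $_ -ne 'Enabled' }) -join ', '
        }
    }
}

function Disable-SchannelServerProtocol {
    param([Parameter(Mandatory)][string]$Protocol)
    $serverKey = Join-Path (Join-Path $ProtocolsKey $Protocol) 'Server'
    # Create the Server subkey only when it is missing, so values already
    # stored under an existing key are left untouched.
    if (-not (Test-Path -Path $serverKey)) {
        New-Item -Path $serverKey -Force | Out-Null
    }
    # The DWORD must be named "Enabled"; 0 disables the protocol for the server side.
    New-ItemProperty -Path $serverKey -Name 'Enabled' -Value 0 `
        -PropertyType DWord -Force | Out-Null
}

Get-SchannelServerState | Format-Table -AutoSize    # state before the change
Disable-SchannelServerProtocol -Protocol 'SSL 2.0'
Get-SchannelServerState | Format-Table -AutoSize    # SSL 2.0 now shows Enabled = 0
# The server has to be restarted before Schannel picks up the new setting.
```

Re-running the vulnerability scan after the restart confirms whether the server still negotiates SSL 2.0.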