  • Hi all, I am using a third-party vulnerability scanner. I have used IISCrypto to disable SSL and TLS, but I am still seeing the vulnerabilities below. How do I fix them in the Windows registry for Windows Server 2012R2 and Windows Server 2016?

    SSL/TLS use of weak RC4(Arcfour) cipher
    Solution: RC4 should not be used where possible. One reason that RC4(Arcfour) was still being used was BEAST and Lucky13 attacks against CBC mode ciphers in SSL and TLS.

    SSLv3 Padding Oracle Attack Information Disclosure Vulnerability (POODLE)
    Solution: Disable SSLv3 support to avoid this vulnerability.

    SSL Server Has SSLv3 Enabled Vulnerability
    Solution: Disable the SSL 3.0 protocol in the client and in the server

    SSL/TLS Server supports TLSv1.0
    Solution: Disable the use of TLSv1.0 protocol in favor of a cryptographically stronger protocol such as TLSv1.2

    Birthday attacks against TLS ciphers with 64bit block size vulnerability (Sweet32)
    Solution: Disable and stop using DES, 3DES, IDEA or RC2 ciphers.

    Saturday, May 23, 2020 2:52 PM
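
The scanner's "disable" recommendations above correspond to SCHANNEL registry values on Windows Server 2012R2 and 2016. The script below is an added example, not part of the original post; the helper names `Set-SchannelDword` and `Get-SchannelDword` are hypothetical, and the protocol and cipher key names are the standard SCHANNEL ones.

```powershell
# Added example. Run from an elevated PowerShell session.
$base = 'SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL'

# Protocols named in the SSLv3, POODLE and TLSv1.0 findings.
$protocols = 'SSL 3.0', 'TLS 1.0'

# Ciphers named in the RC4 and Sweet32 findings. SCHANNEL has no IDEA cipher key.
$ciphers = 'RC4 40/128', 'RC4 56/128', 'RC4 64/128', 'RC4 128/128',
           'DES 56/56', 'Triple DES 168',
           'RC2 40/128', 'RC2 56/128', 'RC2 128/128'

function Set-SchannelDword {
    param([string]$SubKey, [string]$Name, [int]$Value)
    # The cipher key names contain "/", which the PowerShell registry provider
    # splits as a path separator, so the .NET registry API is used instead.
    $key = [Microsoft.Win32.Registry]::LocalMachine.CreateSubKey("$base\$SubKey")
    try     { $key.SetValue($Name, $Value, [Microsoft.Win32.RegistryValueKind]::DWord) }
    finally { $key.Close() }
}

function Get-SchannelDword {
    param([string]$SubKey, [string]$Name)
    $key = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey("$base\$SubKey")
    if ($null -eq $key) { return $null }   # key absent: the OS default applies
    try     { return $key.GetValue($Name, $null) }
    finally { $key.Close() }
}

# Disable each protocol for both the server and the client role.
foreach ($p in $protocols) {
    foreach ($role in 'Server', 'Client') {
        Set-SchannelDword "Protocols\$p\$role" 'Enabled' 0
        Set-SchannelDword "Protocols\$p\$role" 'DisabledByDefault' 1
    }
}
foreach ($c in $ciphers) { Set-SchannelDword "Ciphers\$c" 'Enabled' 0 }

# Read the values back so the result can be compared with the next scan.
$report = @(
    foreach ($p in $protocols) {
        [pscustomobject]@{ Item = "$p (Server)"; Enabled = Get-SchannelDword "Protocols\$p\Server" 'Enabled' }
    }
    foreach ($c in $ciphers) {
        [pscustomobject]@{ Item = $c; Enabled = Get-SchannelDword "Ciphers\$c" 'Enabled' }
    }
)
$report | Format-Table -AutoSize
```

Restart the server before rescanning so that SCHANNEL loads the new values.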

