This video shows you how to disable the support for older weaker SSL protocols, such as SSL 2.0, SSL 3.0, TLS 1.0 and TLS 1.1.

These weak SSL protocols which are regularly picked up on security audits as well as Cyber Essentials assessments, which can be easily remediated.

Go into regedit, then go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\

From there create a new Key for 'SSL 2.0', 'SSL 3.0', 'TLS 1.0' and 'TLS 1.1'

for instance: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0

Then, create a client and server key inside the protocol you are disabling

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Client

Then create a DWORD value called 'Enabled' with the default value of 0. If the value has 1, then this enables the weaker cipher.

Email: info@isgovern.com

Connect with InfoSec Governance at:

► WEBSITE: [ Ссылка ]
► LINKEDIN: [ Ссылка ]
► TWITTER: [ Ссылка ]

свернуть