Hi All,

These are my notes on how to disable the 3DES Sugar32 exploit
on a Windows 7 Pro Remote Desktop Server (RDP).  Note: at
the present time, this kills rdesktop, but does work with
xfreerdp.

This took me over a month to figure out.  I hope it helps
someone else.

-T




How to test for 3DES (Sugar32):
      nmap -p xxxx -Pn --script +ssl-enum-ciphers aaa.bbb.ccc.ddd --script ssl-cert



How to disable 3DES (Sugar32 exploit) in Windows 7 (possibly other versions):


1) Registry:

REGEDIT4
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers\Triple DES 168]
"Enabled"=dword:00000000

Note: most easily done with IISCrypto.exe:
https://www.nartac.com/Products/IISCrypto/Download


2) gpedit.msc

--> Computer Configuration
   --> Policies
     --> Administrative Templates
       --> Windows Components
         --> Remote Desktop Services
           --> Remote Desktop Session Host
             --> Security

             Require use of specific security layer for
             remote (rdp) connections
                     set to  "enabled"
                     set "Security Layer" to "RDP"

             Require secure RPC communication
                     set to  "enabled"

3) reboot: shutdown /r /f /t 00


_______________________________________________
FreeRDP-devel mailing list
FreeRDP-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/freerdp-devel
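
An added example, not part of the original post: a Python check that reads the text output of the nmap ssl-enum-ciphers test above and lists any 3DES suites the server still offers, per protocol version. The sample scan output and port 3389 are constructed for illustration.

```python
import re

# Constructed sample of `nmap --script ssl-enum-ciphers` text output (not from
# a real host). Port 3389 is an assumption; the post leaves the port as xxxx.
SAMPLE_BEFORE = """\
PORT     STATE SERVICE
3389/tcp open  ms-wbt-server
| ssl-enum-ciphers:
|   TLSv1.0:
|     ciphers:
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|     compressors:
|       NULL
|     cipher preference: server
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (secp256r1) - A
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|     compressors:
|       NULL
|_  least strength: C
"""
# Same constructed scan as it would look once the server stops offering 3DES.
SAMPLE_AFTER = "".join(l for l in SAMPLE_BEFORE.splitlines(True) if "3DES" not in l)

PROTO_RE = re.compile(r"^((?:SSLv|TLSv)[\d.]+):$")
SUITE_RE = re.compile(r"^((?:TLS|SSL)_\w+)")

def find_3des(nmap_output):
    """Map each protocol version to the 3DES suites the server still offers."""
    findings, proto, in_ciphers, seen = {}, None, False, False
    for raw in nmap_output.splitlines():
        line = raw.lstrip("|_ ").rstrip()   # drop nmap's "|" / "|_" tree prefix
        m = PROTO_RE.match(line)
        if m:
            proto, in_ciphers, seen = m.group(1), False, True
        elif line == "ciphers:":
            in_ciphers = True
        elif in_ciphers and SUITE_RE.match(line):
            suite = SUITE_RE.match(line).group(1)
            if "3DES" in suite:
                findings.setdefault(proto, []).append(suite)
        else:
            in_ciphers = False  # compressors, cipher preference, warnings, ...
    if not seen:
        # No TLS section at all (filtered or wrong port): inconclusive, not a pass.
        raise ValueError("no ssl-enum-ciphers results in input")
    return findings

if __name__ == "__main__":
    print("before:", find_3des(SAMPLE_BEFORE))
    print("after: ", find_3des(SAMPLE_AFTER))
```

An empty result means no 3DES suite was listed; a ValueError means the scan returned no cipher listing and should be rerun rather than read as a pass.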