Mark Timm wrote:
> On Windows Server 2003 how do I remediate Nessus IDs 26928 and 31705. I've
> already changed these entries at
> SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers to
> Enabled = 0:
>
> DES 56/56
> NULL
> RC2 40/128
> RC4 40/128
> RC4 56/128
>
> I've also changed these entries at SCHANNEL\Protocols to Enabled = 0:
>
> PCT 1.0\Client
> PCT 1.0\Server
> SSL 2.0\Client
> SSL 2.0\Server
>
> And the vulnerabilities are still reported.

I personally have not had to do this on a W2003 system. I did see this KB at
Microsoft:

http://support.microsoft.com/kb/245030

There was also a blog that summed it up.

http://blog.techstacks.com/2008/10/iis-disabling-sslv2-and-weak-ciphers.html#links

(Please move questions like this to the new discussions forum.)

Ron Gula
Tenable Network Security
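
An added example, not part of either message above: a read-only PowerShell audit that confirms each SCHANNEL entry named in the question exists under `HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL` and carries `Enabled` set to 0. The function name `Test-SchannelDisabled` is hypothetical, and the check assumes `Enabled` is meant to be a `REG_DWORD` and that PowerShell 2.0 or later is installed.

```powershell
# Added example: read-only audit of the SCHANNEL settings listed in the thread.
# The .NET registry API is used because key names such as "DES 56/56" contain
# "/", which the PowerShell registry provider treats as a path separator.
$base = 'SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL'
$targets = @(
    'Ciphers\DES 56/56',
    'Ciphers\NULL',
    'Ciphers\RC2 40/128',
    'Ciphers\RC4 40/128',
    'Ciphers\RC4 56/128',
    'Protocols\PCT 1.0\Client',
    'Protocols\PCT 1.0\Server',
    'Protocols\SSL 2.0\Client',
    'Protocols\SSL 2.0\Server'
)

function Test-SchannelDisabled {
    param([string]$SubKey)
    # Open read-only; returns $null if the key was never created.
    $key = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey("$base\$SubKey")
    if ($null -eq $key) { return 'MISSING KEY' }
    try {
        $value = $key.GetValue('Enabled', $null)
        if ($null -eq $value) { return 'NO Enabled VALUE' }
        # Assumption: the value must be a DWORD; a string "0" is reported.
        $kind = $key.GetValueKind('Enabled')
        if ($kind -ne [Microsoft.Win32.RegistryValueKind]::DWord) {
            return "WRONG TYPE ($kind)"
        }
        if ($value -eq 0) { return 'disabled' }
        return "ENABLED ($value)"
    } finally {
        $key.Close()
    }
}

# One line per entry: sub-key path and its audited state.
foreach ($t in $targets) {
    '{0,-28} {1}' -f $t, (Test-SchannelDisabled $t)
}
```

Any line that does not read `disabled` points to a key that is misspelled, missing, or holding a value of the wrong type, which is worth ruling out before re-running the scan.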