 

How to disable PCT 1.0, SSL 2.0, SSL 3.0 on Windows Server

Started by admin, March 06, 2022, 06:54:12 pm


admin

When you run a vulnerability scan, you get the message below. In this article we will see how to disable SSL 2.0 and 3.0, for the server as well as the client, on Windows Server. The remote service accepts connections encrypted using SSL 2.0 and/or SSL 3.0. These versions of SSL are affected by several cryptographic flaws.

https://www.tenable.com/plugins/nessus/20007
SSL Version 2 and 3 Protocol Detection

Synopsis
The remote service encrypts traffic using a protocol with known weaknesses.

Description
The remote service accepts connections encrypted using SSL 2.0 and/or SSL 3.0. These versions of SSL are affected by several cryptographic flaws, including:
- An insecure padding scheme with CBC ciphers.
- Insecure session renegotiation and resumption schemes.
An attacker can exploit these flaws to conduct man-in-the-middle attacks or to decrypt communications between the affected service and clients.
Regards,
YourITadmin