This week a local customer requested some help with becoming PCI compliant so they could take credit card transactions through their website. PCI compliance comes with security guidelines that must be met, specifically disabling SSL 2.0 and weak ciphers because of the vulnerabilities they introduce.
Before you begin, I recommend looking into an approved PCI compliance scanning service. I can personally vouch that SecurityMetrics.com is a great, easy-to-use service that will give a detailed report on any security risks that prevent you from meeting the guidelines of PCI compliance.
There are really only 3 steps that need to be completed:
- Modify the following registry key to disable SSL 2.0: “HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 2.0\Server”. Add a DWORD with the name of “Enabled” and a value of 00 00 00 00 (means false).
- Modify the following registry key for each cipher less than 128 bit: “HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers”. Add a DWORD with the name of “Enabled” and a value of 00 00 00 00 (means false).
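The two registry changes above can be checked and applied from PowerShell. This is an added example, not part of the original post. It assumes the cipher subkey names Microsoft documents for Schannel (they are not listed in the post) and is meant to be saved as a .ps1 file and run elevated. It goes through the .NET registry API because the PowerShell registry provider treats the "/" in names such as "RC4 40/128" as a path separator and would create the wrong keys.

```powershell
# Added example, not from the original post. Run from an elevated prompt.
# Without -Apply it only reports; with -Apply it writes Enabled = 0.
param([switch]$Apply)

$schannel = 'SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL'

# Assumption: documented Schannel cipher subkey names below 128 bits.
# Compare with the subkeys that actually exist on your server.
$weakCiphers = 'NULL', 'DES 56/56', 'RC2 40/128', 'RC2 56/128',
               'RC4 40/128', 'RC4 56/128', 'RC4 64/128'

$targets = @("$schannel\Protocols\SSL 2.0\Server") +
           @($weakCiphers | ForEach-Object { "$schannel\Ciphers\$_" })

$hklm = [Microsoft.Win32.Registry]::LocalMachine

function Get-SchannelEnabled([string]$SubKey) {
    # Read-only open; returns a label when the key or value is absent,
    # in which case Schannel falls back to the OS default.
    $key = $hklm.OpenSubKey($SubKey)
    if ($null -eq $key) { return 'key missing' }
    try {
        $value = $key.GetValue('Enabled')
        if ($null -eq $value) { return 'not set' }
        return $value
    } finally { $key.Close() }
}

function Disable-SchannelKey([string]$SubKey) {
    # CreateSubKey opens the key or creates it, keeping "/" in the name intact.
    $key = $hklm.CreateSubKey($SubKey)
    try {
        $key.SetValue('Enabled', 0, [Microsoft.Win32.RegistryValueKind]::DWord)
    } finally { $key.Close() }
}

foreach ($target in $targets) {
    $before = Get-SchannelEnabled $target
    if ($Apply) { Disable-SchannelKey $target }
    [pscustomobject]@{
        Key    = "HKLM\$target"
        Before = $before
        After  = Get-SchannelEnabled $target
    }
}
```

Schannel reads these values at startup, so restart the server before running the compliance scan again.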
Over the past few weeks there seems to have been a buzz going around about BPOS. For those of you who aren’t exactly sure what it is, I have put together a quick write-up based on information I have combined from multiple sources throughout the internet. The gist is that Business Productivity Online Suite is a set of Microsoft-hosted solutions including Microsoft Exchange Online, Microsoft SharePoint Online, Microsoft Office Live Meeting, and Microsoft Office Communications Online. These online services are designed to give your business streamlined communication with high availability, comprehensive security, and simplified IT management. When your company subscribes to one or more of the services, it connects the rich interactivity of on-premises client and server applications with the flexibility and scalability of Web-based services. Because Microsoft hosts the services, it reduces your company’s need to maintain IT services on site. Many organizations today are moving to this “software-plus-services” model because it decreases the need to manage hardware and software.
So, what does this mean for your IT staff? Ultimately, it may mean a reduction in staff, or simply freeing up time for your staff to work on more important projects to grow your business. Personally, I know of many companies that could benefit greatly from this, and many more if they ever add CRM to the mix.