IIS6 and SSLv2

IIS6 and SSLv2

am 14.08.2006 16:41:01 von blake

Our InfoSec people are obviously bored. Is there a straightforward to way
to configure IIS 6.0 to not allow client connections using SSLv2 (and only
respond to SSLv3)?

I have read the following:
http://support.microsoft.com/kb/299875/en-us
http://support.microsoft.com/kb/216482
http://support.microsoft.com/kb/245030/

These only discuss disabling certain ciphers.

I imagine that IIS 7 won't support SSLv2, as an aside.

Thanks
Blake

Re: IIS6 and SSLv2

am 14.08.2006 16:51:00 von blake

After posting, I found this:

http://support.microsoft.com/default.aspx?scid=kb;en-us;1874 98

I'll try it and report back.
Blake

"Blake" wrote in message
news:uN65q%236vGHA.2436@TK2MSFTNGP06.phx.gbl...
> Our InfoSec people are obviously bored. Is there a straightforward to way
> to configure IIS 6.0 to not allow client connections using SSLv2 (and only
> respond to SSLv3)?
>
> I have read the following:
> http://support.microsoft.com/kb/299875/en-us
> http://support.microsoft.com/kb/216482
> http://support.microsoft.com/kb/245030/
>
> These only discuss disabling certain ciphers.
>
> I imagine that IIS 7 won't support SSLv2, as an aside.
>
> Thanks
> Blake
>