Windows Server 2008 enables SSL v2 and SSL v3 by default. These versions are outdated, weak and exposed to recent threats, including POODLE. To secure the server and pass PCI compliance checks you must disable these weak protocols and require clients to use TLS 1.0 or greater.
Here’s how to disable SSL v2:
1. Start – Run
SSL v2 is a weak and outdated protocol. All modern browsers and applications support SSL v3, which is why you should disable SSL v2 where possible.
You can check whether SSL v2 is enabled with this command:
openssl s_client -connect www.example.org:443 -ssl2
SSL v2 is a weak and outdated protocol. All modern browsers support SSL v3, and it is enabled by default on Windows 2008 (IIS 7 / IIS 7.5). To make sure all clients are using SSL v3 we must disable SSL v2. This is required for PCI compliance.