TechArena Community

TechArena Community (http://forums.techarena.in/)
-   Software Development (http://forums.techarena.in/software-development/)
-   -   How to disable SSLv2 protocol (http://forums.techarena.in/software-development/1194408.htm)

ADJATAY 09-06-2009 06:37 PM

How to disable SSLv2 protocol
 
Due to some problems i need to disable the Secure Socket Layer protocol version 2 protocol.I tried to do it with some registry modification that one of my colleague has told me but that also doesn't worked. Do any of you have any idea of doing that ? please let me know.

kelfro 09-06-2009 06:51 PM

Re: How to disable SSLv2 protocol
 
SSLv2 ensures that all data passed between web server and browser remains private and secure. but it also has the serious vulnerability.Successful exploitation of this vulnerability would allow an attacker to execute arbitrary code in the context of the affected server. Anyways, to disable it go through this steps:-

Open the command prompt and type regedt32 and press Enter. In Registry Editor, locate the following registry key:

Quote:

HKey_Local_Machine\System\CurrentControlSet\Control\SecurityProviders \SCHANNEL\Protocols\SSL 2.0\Server
Now click Add Value on the Edit menu. Now in the Data Type list click DWORD.

Rename this key as Enabled and click OK.

If this value is present, double-click the value to edit its current value.Type 00000000 in Binary Editor to set the value of the new key equal to "0".

Thats it .. Click OK.

labman 09-06-2009 06:53 PM

Re: How to disable SSLv2 protocol
 
SSLv2 will need to be turned off for each application that uses SSL. There are known flaws in the SSLv2 protocol. A man-in-the-middle attacker can force the communication to a less secure level and then attempt to break the weak encryption. The attacker can also truncate encrypted messages.


All times are GMT +5.5. The time now is 12:49 AM.