Here we are again with POODLE

I’ve touched on it here: http://jermsmit.com/security-news-poodle-security-vulnerability/

Then secured up Apache here: http://jermsmit.com/secure-apache-httpd-from-poodle/

And even did some testing here: http://jermsmit.com/tech-short-lets-test-for-poodle-or-sslv3/

This time I am adding the steps used to secure up some IIS servers.

Let's start. *note* These steps apply to Windows Server 2003, 2008 and 2012.

Requirements: 

  • Administrator Rights
  • Registry Changes
  • Reboot of Server

Steps:

  1. Log into the server (or connect to its registry remotely with Registry Editor)
  2. Once in the server's registry, navigate to the following key (the SSL 3.0 and Server subkeys usually do not exist by default; create them if they are missing):
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\SSL 3.0\Server
  3. If the DWORD value Enabled exists, set it to “0”; otherwise create a DWORD value named Enabled and set it to “0”
  4. Reboot and test
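
The same change scripted so it can be pushed to several servers. This is an added example, not a script from the original post: it assumes an elevated PowerShell session on the target server and uses the Schannel key path given in the steps above, creating the key if it is absent and reading the value back afterwards.

```powershell
# Added example (not part of the original post). Disables SSL 3.0 on the server
# side by writing the Schannel registry value described in the steps above.
# Run as Administrator; the change takes effect after a reboot.

$ssl3Server = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols\SSL 3.0\Server'

# The Protocols\SSL 3.0\Server path is normally absent on a fresh install,
# so create it (and any missing parent keys) before writing the value.
if (-not (Test-Path -Path $ssl3Server)) {
    New-Item -Path $ssl3Server -Force | Out-Null
}

# A REG_DWORD named Enabled with value 0 tells Schannel not to offer SSL 3.0
# as a server. -Force overwrites the value if it already exists.
New-ItemProperty -Path $ssl3Server -Name 'Enabled' -Value 0 -PropertyType DWord -Force | Out-Null

# Read the value back so the change can be confirmed before rebooting.
$enabled = (Get-ItemProperty -Path $ssl3Server -Name 'Enabled').Enabled
if ($enabled -eq 0) {
    Write-Host "SSL 3.0 server support disabled in the registry; reboot '$env:COMPUTERNAME' to apply."
} else {
    Write-Warning "Unexpected Enabled value '$enabled' under $ssl3Server"
}
```

After the reboot, confirm from outside the box as well as with the scan site: an SSLv3-only handshake against the server (for example `openssl s_client -ssl3 -connect host:443` from a client whose OpenSSL build still supports SSLv3) should now fail.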

One of many test sites: POODLE Scan – https://www.poodlescan.com/


*Update* 2017 – The following tool should help simplify the process above: https://www.nartac.com/Products/IISCrypto

IIS Crypto is a free tool that gives administrators the ability to enable or disable protocols, ciphers, hashes and key exchange algorithms on Windows Server 2008, 2012 and 2016. It also lets you reorder the SSL/TLS cipher suites offered by IIS, implement best practices with a single click, create custom templates and test your website.