AnsweredAssumed Answered

How to disable CBS, DES and IDEA Cipher Suites - IIS 7.5?

Question asked by Virtual Matrix on Nov 20, 2015
Latest reply on Nov 22, 2015 by Rob_T

Can someone help me how to disable the following cipher suites using IISCrypto tool?


TLS 1.1 ciphers: TLS_RSA_WITH_RC4_128_SHA

TLS 1.2 ciphers: TLS_RSA_WITH_RC4_128_SHA

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHAC

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHATLS 1.1 ciphers:

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHATLS 1.2 ciphers:

TLS_RSA_WITH_3DES_EDE_CBC_SHA

TLS_RSA_WITH_3DES_EDE_CBC_SHATLS 1.1 ciphers:

TLS_RSA_WITH_3DES_EDE_CBC_SHATLS 1.2 ciphers:

TLS_RSA_WITH_AES_128_CBC_SHA256

TLS_RSA_WITH_AES_128_CBC_SHATLS_RSA_WITH_AES_256_CBC_SHA

TLS_RSA_WITH_AES_256_CBC_SHA256

TLS_RSA_WITH_RC4_128_SHATLS_RSA_WITH_3DES_EDE_CBC_SHA

 

I used the PCI template to apply the fix, and unchecked the Cipher suite order as shown below. But it didn't resolve the issue. Can someone help on this?

Anyone aware of security patches that may resolve these vulnerabilities in IIS 7.5?

1.png

2.png3.png

Outcomes