Basic disabling of RC4 cipher at OS level is not enough.
The RC4 cipher is disabled in Registry, But the scanner is still detecting the vulnerability.
Could you please suggest the Remediation process.
Can you provide more details. it really depends on what service you detected the issue on. Is the scan picking this up on a web server? what port and what web server is it? Apache, IIS, NGINX?
Once I this I should be able to give you directions on what to do.
Hello, It's a General remote services, detected ports are 990 & 2222.
It is an IIS- Database server.
That does help. So modifying the encryption protocols and ciphers at the OS level in particular on Windows will not address this. You will need to look at each applications configuration running on that port.
So for example; if you are running ftps on port 990 you would need to consult that products documentation in-order to remove/re-configure the service. Same thing for port 2222. If your running MS SQLServer I can lookup the link to the Microsoft article describing how to do this.
I would only change one at a time just to try and isolate any potential issues.
Here are some links for disabling RC4 from M$:https://support.microsoft.com/en-us/help/2868725/microsoft-security-advisory-update-for-disabling-rc4
Here is one to deal with IIS specifically: https://samrueby.com/2015/06/08/how-to-disable-sslv3-and-rc4-ciphers-in-iis/
Let me know if I can provide additional assist.
Tushar, does David's reply answer your question?
Retrieving data ...