Disabling SSL 2.0 for POP3?
paintb4707
Member Posts: 420
in Off-Topic
Hey guys
I'm currently working on PCI Compliance and I've got one last issue that is driving me up the wall. I followed the microsoft kbb here: [FONT="]How to disable PCT 1.0, SSL 2.0, SSL 3.0, or TLS 1.0 in Internet Information Services and disabled SSL 2.0 entirely.
Originally, the PCI Compliance scan was telling me the issue lied with both HTTPS and POP3S, low and behold the issue is resolved for HTTPS but not POP3. I've looked all over the place and can't find anything related on the matter. Is there an additional setting that needs to be changed to prevent SSL 2.0 on POP3?
Just an FYI, it's confirmed that the issue is pointing to our Exchange server, where I had disabled SSL 2.0
Thanks in advance
[/FONT]
I'm currently working on PCI Compliance and I've got one last issue that is driving me up the wall. I followed the microsoft kbb here: [FONT="]How to disable PCT 1.0, SSL 2.0, SSL 3.0, or TLS 1.0 in Internet Information Services and disabled SSL 2.0 entirely.
Originally, the PCI Compliance scan was telling me the issue lied with both HTTPS and POP3S, low and behold the issue is resolved for HTTPS but not POP3. I've looked all over the place and can't find anything related on the matter. Is there an additional setting that needs to be changed to prevent SSL 2.0 on POP3?
Just an FYI, it's confirmed that the issue is pointing to our Exchange server, where I had disabled SSL 2.0
Thanks in advance
[/FONT]
Comments
-
jibbajabba Member Posts: 4,317 ■■■■■■■■□□paintb4707 wrote: »Hey guys
I'm currently working on PCI Compliance and I've got one last issue that is driving me up the wall. I followed the microsoft kbb here: [FONT="]How to disable PCT 1.0, SSL 2.0, SSL 3.0, or TLS 1.0 in Internet Information Services and disabled SSL 2.0 entirely.
Originally, the PCI Compliance scan was telling me the issue lied with both HTTPS and POP3S, low and behold the issue is resolved for HTTPS but not POP3. I've looked all over the place and can't find anything related on the matter. Is there an additional setting that needs to be changed to prevent SSL 2.0 on POP3?
Just an FYI, it's confirmed that the issue is pointing to our Exchange server, where I had disabled SSL 2.0
Thanks in advance
[/FONT]
Got Exchange installed on that box or any other mail software ? Basically something keeps port 995 open ..My own knowledge base made public: http://open902.com -
paintb4707 Member Posts: 420Got Exchange installed on that box or any other mail software ? Basically something keeps port 995 open ..
Port 995 is open (and needs to be) to provide POP3SSL to mobile phones. The problem I'm having is that SSL 2.0 is still enabled for some wacky reason. I need to eliminate 2.0 and leave 3.0 as the only option. -
jibbajabba Member Posts: 4,317 ■■■■■■■■□□paintb4707 wrote: »Port 995 is open (and needs to be) to provide POP3SSL to mobile phones. The problem I'm having is that SSL 2.0 is still enabled for some wacky reason. I need to eliminate 2.0 and leave 3.0 as the only option.
Mmm.. what software is this ? Maybe it is something you have to do at software level rather than OS level ?My own knowledge base made public: http://open902.com -
paintb4707 Member Posts: 420Mmm.. what software is this ?
ExchangeMaybe it is something you have to do at software level rather than OS level ? -
jibbajabba Member Posts: 4,317 ■■■■■■■■□□So I suppose it fails because you use OWA - which uses IIS which should have been fixed with that registry key ... oddMy own knowledge base made public: http://open902.com