From monthly archives: February 2006

We are pleased to present below all posts archived in 'February 2006'. If you still can't find what you are looking for, try using the search box.

Timothy

Administrative Template for Configuring SCHANNEL

Windows' SChannel is the "service" that handles all the secure internet communications, such as PCT, SSL, and TLS.  Sometimes for security reasons, you may want to disable the older secure communication protocols, such as SSL 2.0.  SSL 3.0 has been in use for years now and enhances SSL 2.0, making it more cryptographically secure.  You may also want to disable PCT 1.0 since it's non-standard (although be careful with this as some built-in systems in windows, such as the Message Queue, rely on PCT).  Or perhaps you want to disable the newer protocols for compatibility reasons.  Who knows?

Before you would have to manually edit the registry on every affected machine.  So I created this Administrative Template for Group Policy to control these settings.  Unfortunately, Microsoft did not store these settings in the "true policy" locations of the registry, so in the GPEDIT.MSC you need to click on Administrative Templates, then select View -> Filtering...  Uncheck "Only show policy settings that can be fully managed."  This will allow you to see the "preferences."  (Policy settings that are not fully managed are called Preferences.)  You can google for more information on the differences between policies and preferences.

Anyway, this administrative template will be handy if you need to disable SSL 2.0 on a large array of web servers, for instance.  Or if you want to make sure that all outgoing communications are secure for workstations. 

Microsoft's explanation of Administrative Templates...
http://technet2.microsoft.com/WindowsServer/en/Library/8f0daf74-1eac-4d47-ac8a-bcbe23c673521033.mspx

Link to the SCHANNEL.ADM administrative template...
http://www.avianwaves.com/tech/tools/SCHANNEL_ADM/

Recent Comments
  1. Re: It's Coming Any Day Now...
    Tim: Awesome to hear. Can't wait to check it out.
  2. Re: RD Tabs Security Advisory - 2.0 and 2.1 Beta
    Roman: Hi admin having same materiel as i need. Also get some extra stuff here: [url="hit5k.com"]Patch Applications...
  3. Re: RD Tabs Security Advisory - 2.0 and 2.1 Beta
    Roman: Hi admin having same materiel as i need. Also get some extra stuff here: Patch Applications
  4. Re: 3.0 is coming...
    Sean: Great news, can't wait!
  5. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    Funny Guy: To add my 2 cents - after a day of fight it appears that DPM installation uses WMI queries to detect...
  6. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    Funny Guy: To add my 2 cents - after a day of fight it appears that DPM installation uses WMI queries to detect...
  7. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    Funny Guy: To add my 2 cents - after a day of fight it appears that DPM installation uses WMI queries to detect...
  8. Re: DPM 2016 + SQL 2016 and "An unexpected error occurred during the installation" ID: 4387
    kAM aCOSTA: Thanks Edward !!!
  9. Re: 3.0 is coming...
    Dave: Very Cool!
  10. Re: In VB.Net, sending output to the console from a Windows "Forms" application
    clochardM33: Glorious