Harden SSL/TLS Tool

Wednesday, February 17, 2010

This tool from G-SEC™ (http://www.g-sec.lu) allows hardening the SSL/TLS settings of Windows 2000,2003,2008,2008R2, XP,Vista,7. It allows locally and remotely set SSL policies allowing or denying certain ciphers/hashes or complete ciphersuites.

This tool specifically allows setting policies with regards to what ciphers and protocols are available to applications that use SCHANNEL crypto interface. A lot of windows applications do use this interface, for instance Google Chrome as well as Apple Safari are a few of these. By changing the settings you can indirectly control what ciphers these applications are allowed to use.

It's about time...as auditors, we've been recommending securing Windows SSL/TLS settings for years and this is a welcome change

PCI DSS General Webappsec->General
Post Rating I Like this!
Anthony M. Freed Great tool - thanks for posting!