Home / EN / Harden SSL/TLS / Hardening / SSL / Windows / [Harden SSL/TLS] Hardening the SSL/TLS settings

[Harden SSL/TLS] Hardening the SSL/TLS settings

| Post sponsored by FaradaySEC | Multiuser Pentest Environment


“Harden SSL/TLS” allows hardening the SSL/TLS settings of Windows 2000,2003,2008,2008R2, XP,Vista,7. It allows locally and remotely set SSL policies allowing or denying certain ciphers/hashes or complete ciphersuites. 

This tool specific allows setting policies with regards to what ciphers and protocols are available to applications that use SCHANNEL crypto interface. A lot of windows applications do use this interface, for instance Google Chrome as well as Apple Safari are a few of these. By changing the settings you can indirectly control what ciphers these applications are allowed to use.

Advanced mode 
· re-enable ECC P521 mode on Windows7 and 2008R2
· Set TLS Cache size and timeout

Known issues: · The BETA initialises and sets the OS defaults at startupChangelog :· Fixed Protocol initialization on Vista/Seven/2008/2008R2 (Adrian F. Dimcev) · Fixed TLS 1.1 on Vista/2008 (Reported by Adrian F. Dimcev)
[Harden SSL/TLS] Hardening the SSL/TLS settings [Harden SSL/TLS] Hardening the SSL/TLS settings Reviewed by Zion3R on 2:12 PM Rating: 5