Hi
I need to disable SSL v2.0 so one of my customers can get PCI for his site. the information from hackerguardian.com is below. I know that it supports ssl v3 and tls 1 but they say SSL v2.0 has to be disabled totally.
Can you help
Colin
Plugin "Deprecated SSL Protocol Usage"
Category "General remote services (General)"
Priority Ranking "Medium Priority"
Synopsis : The remote service encrypts traffic using a protocol with known weaknesses. Description : The remote service accepts connections encrypted using SSL 2.0, which reportedly suffers from several cryptographic flaws and has been deprecated for several years. An attacker may be able to exploit these issues to conduct man-in-the-middle attacks or decrypt communications between the affected service and clients.