Ping a Specific Port

Question

Brian Knoblauch

Asked: 2012-12-28 12:30:31 +0800 CST2012-12-28 12:30:31 +0800 CST 2012-12-28 12:30:31 +0800 CST

How can I (securely) get remote desktop back?

772

In order to make compliance with our PCI-DSS requirements, I was required to disable TLS 1.0 (apparently it has a flaw that was corrected in TLS 1.1 and higher). However, after doing so, remote desktop fails to connect to that server. Is there a way to connect to remote desktop servers without TLS? Perhaps configure remote desktop for a newer version of TLS?

2 Answers

Voted

BastianW · Answer 1 · 2014-01-16T15:01:20+08:00

Best Answer

BastianW

2014-01-16T15:01:20+08:002014-01-16T15:01:20+08:00

Did you got that solved? If not try the following:

run the IIS Crypto from Nartac on the affected server (or do all the stuff the tool made by hand, thats also possible e.g. via regestry)
leave TLS 1.0 enabled
change the cipher in the list and disable all CBC cipher (the ones with CBC in it)
restart the server.

That should do the trick, as currently only the CBC cipher are affected by the breast attack.

2

longneck · Answer 2 · 2012-12-28T12:54:40+08:00

longneck

2012-12-28T12:54:40+08:002012-12-28T12:54:40+08:00

Disable Large Send Offload for IPv4 on your NIC. If that fixes it, contact your server/NIC vendor for a fix.

1

How can I (securely) get remote desktop back?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?