API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 28th, 2017
84
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.13 KB | None | 0 0
raw download clone embed print report
  1. function Get-SSLSecurityProtocols {
  2. $protopath = "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols"
  3. & REG.EXE QUERY "$protopath\PCT 1.0\Server" /v Enabled
  4. & REG.EXE QUERY "$protopath\SSL 2.0\Server" /v Enabled
  5. & REG.EXE QUERY "$protopath\SSL 3.0\Server" /v Enabled
  6. & REG.EXE QUERY "$protopath\TLS 1.0\Server" /v Enabled
  7. & REG.EXE QUERY "$protopath\TLS 1.1\Server" /v Enabled
  8. & REG.EXE QUERY "$protopath\TLS 1.1\Server" /v DisabledByDefault
  9. & REG.EXE QUERY "$protopath\TLS 1.2\Server" /v Enabled
  10. & REG.EXE QUERY "$protopath\TLS 1.2\Server" /v DisabledByDefault
  11. & REG.EXE QUERY "$protopath\TLS 1.1\Client" /v Enabled
  12. & REG.EXE QUERY "$protopath\TLS 1.1\Client" /v DisabledByDefault
  13. & REG.EXE QUERY "$protopath\TLS 1.2\Client" /v Enabled
  14. & REG.EXE QUERY "$protopath\TLS 1.2\Client" /v DisabledByDefault
  15. }
  16.  
  17. function Set-SSLSecurityProtocols {
  18. $protopath = "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols"
  19. & reg.exe add "$protopath\PCT 1.0\Server" /v Enabled /t REG_DWORD /d 00000000 /f
  20. & reg.exe add "$protopath\SSL 2.0\Server" /v Enabled /t REG_DWORD /d 00000000 /f
  21. & reg.exe add "$protopath\SSL 3.0\Server" /v Enabled /t REG_DWORD /d 00000001 /f
  22. & reg.exe add "$protopath\TLS 1.0\Server" /v Enabled /t REG_DWORD /d 00000001 /f
  23. & reg.exe add "$protopath\TLS 1.1\Server" /v Enabled /t REG_DWORD /d 00000001 /f
  24. & reg.exe add "$protopath\TLS 1.1\Server" /v DisabledByDefault /t REG_DWORD /d 00000000 /f
  25. & reg.exe add "$protopath\TLS 1.2\Server" /v Enabled /t REG_DWORD /d 00000001 /f
  26. & reg.exe add "$protopath\TLS 1.2\Server" /v DisabledByDefault /t REG_DWORD /d 00000000 /f
  27. & reg.exe add "$protopath\TLS 1.1\Client" /v Enabled /t REG_DWORD /d 00000001 /f
  28. & reg.exe add "$protopath\TLS 1.1\Client" /v DisabledByDefault /t REG_DWORD /d 00000000 /f
  29. & reg.exe add "$protopath\TLS 1.2\Client" /v Enabled /t REG_DWORD /d 00000001 /f
  30. & reg.exe add "$protopath\TLS 1.2\Client" /v DisabledByDefault /t REG_DWORD /d 00000000 /f
  31. }
  32.  
  33. function Set-IISSupportedCiphers {
  34. $cipherpath = "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Ciphers"
  35. & reg.exe add "$cipherpath\NULL" /v Enabled /t REG_DWORD /d 00000000 /f
  36. & reg.exe add "$cipherpath\DES 56/56" /v Enabled /t REG_DWORD /d 00000000 /f
  37. & reg.exe add "$cipherpath\RC2 40/128" /v Enabled /t REG_DWORD /d 00000000 /f
  38. & reg.exe add "$cipherpath\RC2 56/128" /v Enabled /t REG_DWORD /d 00000000 /f
  39. & reg.exe add "$cipherpath\RC2 128/128" /v Enabled /t REG_DWORD /d 00000000 /f
  40. & reg.exe add "$cipherpath\RC4 40/128" /v Enabled /t REG_DWORD /d 00000000 /f
  41. & reg.exe add "$cipherpath\RC4 56/128" /v Enabled /t REG_DWORD /d 00000000 /f
  42. & reg.exe add "$cipherpath\RC4 64/128" /v Enabled /t REG_DWORD /d 00000000 /f
  43. & reg.exe add "$cipherpath\RC4 128/128" /v Enabled /t REG_DWORD /d 4294967295 /f
  44. & reg.exe add "$cipherpath\Triple DES 168/168" /v Enabled /t REG_DWORD /d 4294967295 /f
  45. & reg.exe add "$cipherpath\AES 128/128" /v Enabled /t REG_DWORD /d 4294967295 /f
  46. & reg.exe add "$cipherpath\AES 256/256" /v Enabled /t REG_DWORD /d 4294967295 /f
  47. }
  48.  
  49. #Get-SSLSecurityProtocols
  50. #Set-SSLSecurityProtocols
  51. #Set-IISSupportedCiphers
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!