Ars Technica

Ciphers and the BEAST

What's your solution to hardening IIS against the BEAST? Prioritizing non-CBC ciphers (i.e. putting TLS_RSA_WITH_RC4_128_SHA and TLS_RSA_WITH_RC4_128_MD5 at the top of the list) does 'mitigate' the ...
Ars Technica

Looking to bolster Windows ciphers, protocols, and hashes

I've used the Nartac Software IIS Crypto tool* to set the Windows SSL cipher suite order, secure protocols, ciphers, hashes, and key exchanges on newly set up Windows servers running modern ...
Network World

Microsoft’s .NET Framework security updates further effort to phase out RC4 encryption

Microsoft released optional security updates Tuesday for various versions of the .NET Framework that prevent the RC4 encryption algorithm from being used in TLS (Transport Layer Security) connections.