我的MS SQL Server 2014中存在一些漏洞:
List of RC4 cipher suites supported by the remote server :
High Strength Ciphers (>= 112-bit key)
TLSv1
RC4-MD5 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
RC4-SHA Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
The fields above are :
{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}
- SSLv3 is enabled and the server supports at least one cipher.
Nessus determined that the remote server supports SSLv3 with at least one CBC
cipher suite, indicating that this server is vulnerable.
It appears that TLSv1 or newer is supported on the server. However, the
Fallback SCSV mechanism is not supported, allowing connections to be "rolled
back" to SSLv3.
我的操作系统是Windwos Server 2012,并使用Nessus扫描扫描我的服务器。 如何修复上述漏洞?