Blade ZipKit - Disable SSL 3.0 for Windows (POODLE Fix)

Version 2

    Blade ZipKit Package Info
    BSA Compatible Version: 8.5.x

    Created by: richard mcleod

    Name: SSL_3.0-drc
    Type: Component Template, BL Package, Batch Job, Discovery, Compliance, Remediation
    Version: 1.0
    Tested on version: 8.5.01.218
    Tested on host running: Windows 2008 R2, Windows 2012 R2

     

    This package creates a Component Template to check whether or not the Windows server in question is vulnerable to the SSL 3.0 bug.

    Microsoft Vulnerability Info: https://technet.microsoft.com/en-us/library/security/3009008.aspx

    Other supporting info: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566

     

    The import will also create the necessary BL Package to remediate the flaw. Further, it creates a Discovery, Remediation and Compliance batch job which can be used to auto-remediate servers where the vulnerability exists. In most cases I've found that the registry key does not exist, and there should be no harm in having it added. Remediation is based on the information found in the Microsoft TechNet article above.

     

    Instructions for Importing the package:

    1. Unzip the folder

    2. Right Click inside of the Jobs object on a folder and choose Import

    3. Step through the mapping sections selecting your destinations for the Component Template, BL Package and Jobs.

     

    Instructions for Executing the batch job: (WARNING: THE BATCH JOB CONTAINS AUTO-REMEDIATION!)

    1. Navigate to the folder you chose to import to

    2. Right click the SSL_3.0-drc batch job and choose... execute against servers

    3. Choose your targets

     

    The batch job will run Discovery against the target (??TARGET.OS?? = Windows)

    It will next run Compliance with Auto-Remediation and will deploy the BLPackage if the server is not compliant!

    Next it will run a Compliance job to ensure the fix was deployed and the server is compliant.


    Important Notes:

    *THE BATCH JOB WILL EXECUTE AUTO-REMEDIATION BY DEFAULT

    **PER MICROSOFT: THE CHANGE REQUIRES A REBOOT TO TAKE EFFECT, THE JOBS LISTED HERE DO NOT EXECUTE A REBOOT
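
To verify a single server by hand, before or after the batch job runs, the following added example (not part of the SSL_3.0-drc package, whose contents are not shown on this page) repeats the compliance, remediation and re-check sequence in PowerShell. It assumes the check is the Schannel `SSL 3.0\Server` `Enabled` value described in Microsoft advisory 3009008; the function names are hypothetical.

```powershell
# Added example, not the package's own code.
# Assumption: server-side SSL 3.0 is controlled by the Schannel key below
# (per Microsoft Security Advisory 3009008).
$Ssl3ServerKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server'

function Get-Ssl3ServerState {
    param([string]$Path = $Ssl3ServerKey)
    # A missing key or value is treated as non-compliant: nothing has
    # explicitly turned the protocol off.
    if (-not (Test-Path -LiteralPath $Path)) { return 'KeyMissing' }
    $value = (Get-ItemProperty -LiteralPath $Path -Name Enabled -ErrorAction SilentlyContinue).Enabled
    if ($null -eq $value) { return 'ValueMissing' }
    if ($value -eq 0)     { return 'Compliant' }
    return 'Enabled'
}

function Set-Ssl3ServerDisabled {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param([string]$Path = $Ssl3ServerKey)
    if ($PSCmdlet.ShouldProcess($Path, 'Set Enabled = 0 (DWORD)')) {
        if (-not (Test-Path -LiteralPath $Path)) {
            # -Force also creates any missing parent keys ("SSL 3.0", "Server")
            New-Item -Path $Path -Force | Out-Null
        }
        New-ItemProperty -LiteralPath $Path -Name Enabled -PropertyType DWord -Value 0 -Force | Out-Null
    }
}

# Same order as the batch job: compliance check, remediate, re-check.
$before = Get-Ssl3ServerState
Write-Output "Before: $before"
if ($before -ne 'Compliant') {
    Set-Ssl3ServerDisabled -WhatIf      # remove -WhatIf to apply the change
    Write-Output "After:  $(Get-Ssl3ServerState)"
    # The registry value alone does not change running behaviour:
    # the server must be rebooted before SSL 3.0 is actually refused.
    Write-Output 'Reboot required for the change to take effect.'
}
```

A `Compliant` result only confirms the registry value is set; a server that has not been rebooted since the change still negotiates SSL 3.0.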

