A Suite of SSL-TLS Scripts

calendar Dec 21, 2024 · 2 min read · CyberBunny74 script encryption  ·
Share on: linkedin copy

Encryption, the biggest complaint most people have towards cybersecurity other than passwords. In the olden days, users would cringe at that thought of encryption as it would take valuable resources away from the computing power of the servers. Now, with better CPUs and Memory as well as faster Hard drives, encrypting and decrypting are easy. However, the old methods have been compromised. Thanks to how Microsoft thinks, they are still available. This always makes security people nervous.
I've put together a collection of five PowerShell scripts that'll make your systems more secure than Fort Knox (well, digitally speaking, at least).  

The All-Star: DisableAllButTLS12.ps1

This script is the heavy hitter of the bunch. It's like a digital bouncer, kicking out all the old, insecure SSL and TLS versions from your system's VIP section. But it doesn't stop there – it also shows the door to outdated ciphers and tweaks various security settings. It's basically spring cleaning for your server's security protocols.

The Specialists: Disable-SSLv3Client and Disable-SSLv3Server Scripts

Now, if you're still running systems that need these, you might want to consider upgrading your abacus. But hey, I get it – sometimes we're stuck supporting legacy systems that are older than my coffee maker (and trust me, that thing's ancient).

  • Disable-SSLv3Client-Multi.ps1 and Disable-SSLv3Client-Single.ps1: These scripts are like pest control for SSL 3.0 on the client side. The 'Multi' version can work its magic across multiple machines, while the 'Single' version is perfect for those one-on-one sessions with a problematic PC.
  • Disable-SSLv3Server-Multi.ps1 and Disable-SSLv3Server-Single.ps1: This one's for all you server huggers out there. It'll disable SSL 3.0 across multiple servers faster than you can say "security vulnerability."

Remember, folks – using these scripts is like updating your wardrobe. Sure, those bell-bottoms might have sentimental value, but they're not doing you any favors in the security department. Stick with the latest fashion (TLS 1.2 in this case) and you'll be the talk of the cyber town. You can find all these scripts in my GitHub repo here. Feel free to fork, tweak, and make them your own. Just remember – with great power comes great responsibility. And by responsibility, I mean testing these scripts thoroughly before unleashing them on your production environment. Stay secure, my friends, and may your encryption always be strong and your vulnerabilities few!