Last active
August 29, 2015 14:24
-
-
Save digglife/2b570d6604eb2e119a69 to your computer and use it in GitHub Desktop.
Fix Poodle Vulnerability(Disable SSLv3) on Windows Servers with Puppet
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Disable SSLv3 on Windows.(POODLE vulnerability) | |
| # https://technet.microsoft.com/en-us/library/security/3009008.aspx | |
| registry_value { "Disable SSLv3 for IE": | |
| path => 'HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\SecureProtocols', | |
| ensure => present, | |
| type => 'dword', | |
| data => 128, | |
| } | |
| registry_key { 'HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server': } | |
| registry_key { 'HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client': } | |
| registry_value { "Disable SSLv3 For Windows Server": | |
| path => 'HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Server\Enabled', | |
| ensure => present, | |
| type => 'dword', | |
| data => 0, | |
| } | |
| registry_value { "Disable SSLv3 For Windows Client": | |
| path => 'HKLM\System\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\SSL 3.0\Client\Enabled', | |
| ensure => present, | |
| type => 'dword', | |
| data => 0, | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment