Book Image

Hyper-V Security

By : Eric Siron, Andy Syrewicze
Book Image

Hyper-V Security

By: Eric Siron, Andy Syrewicze

Overview of this book

Hyper-V Security is intended for administrators with a solid working knowledge of Hyper-V Server, Windows Server, and Active Directory. An administrator with a functional environment will be able to use the knowledge and examples present in this book to enhance security.
Table of Contents (10 chapters)
9
Index

Understanding SSL encryption


A major flaw has been discovered that allows attackers to easily decipher traffic encrypted with the Secure Sockets Layer (SSL) 3.0 protocol. This attack is known as Browser Exploit Against SSL/TLS (BEAST). When perusing the list of available protocols, SSL 3.0 is listed as the highest version with that name, which might give the impression that there are no safe SSL protocols to use.

However, Transport Layer Security (TLS) has supplanted these earlier protocols. TLS 1.0 was the successor to SSL 3.0, and in turn, it has been followed by TLS 1.1 and 1.2. When current Windows systems use a certificate-based communications channel, they will use the most secure protocol that is present and enabled on both endpoints. These are often named SSL connections, which can imply that they are using SSL instead of TLS. In truth, Windows certificate-based communications are controlled by the Schannel authentication package.

TLS 1.1 and 1.2 are not vulnerable to BEAST, so it...