How to disable RC4 Cipher on a Domain Controller

The RC4 algorithm, as used in the TLS protocol and SSL protocol, has many single-byte biases, which makes it easier for remote attackers to conduct plaintext-recovery attacks via statistical analysis of ciphertext in a large number of sessions that use the same plaintext.

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, aka the “Bar Mitzvah” issue

This video shows you how to disable the RC4 Cipher on a domain controller.

View more videos >>

Fix it easily with GYTPOL

GYTPOL allows you to fix this issue and hundreds of other security gaps for all PCs & Servers in your network through a centralized dashboard using our Security Configuration Management platform.

It’s fast, you can automate it and we can also predict the impact before applying.

For more information and a free trial, please complete your details below.

Free Trial

Free Trial Request