If you are involved with PCI compliance scanning you are probably familiar with the "SSL Server Has SSLv2 Enabled" vulnerability. It's one of those annoying items that always seem to show up on scan reports. Fortunately, there is a simple way to test for this vulnerability and an easy way to fix it.
Using nmap and its script scanning capability you can scan for and detect this vulnerability. An example command is listed below.
nmap -p443 --script=sslv2.nse 10.10.10.10 -vvv
If the server supports SSLv2 nmap will report:
Interesting ports on 10.10.10.10:
PORT STATE SERVICE
443/tcp open https
| sslv2: server still supports SSLv2
How to fix a vulnerable IIS server:
Open regedit and navigate to:
Change the "Enabled" value to dword 00000000
Reboot the server and run nmap again to verify the vulnerability has been closed.