Hello,
We were informed earlier about some issues with PCI compliance testing and were hoping for some clarification about these issues. They mainly concern mail ports and SSL port 443:

Is there anything we can do to resolve these issues? I believe these ports are used by the cPanel control panels also.

Code:
Protocol  Port  Program  Risk  Summary

TCP       25    smtp     8
Synopsis : An open SMTP relay is running on this port.
Description : The remote SMTP server is insufficiently protected against relaying. This means that it allows spammers to use your mail server to send their mails to the world, thus wasting your network bandwidth.
Solution: Reconfigure your SMTP server so that it cannot be used as a relay any more.
Risk Factor: High / CVSS Base Score : 7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

TCP       465   urd      8
Synopsis : An open SMTP relay is running on this port.
Description : The remote SMTP server is insufficiently protected against relaying. This means that it allows spammers to use your mail server to send their mails to the world, thus wasting your network bandwidth.
Solution: Reconfigure your SMTP server so that it cannot be used as a relay any more.
Risk Factor: High / CVSS Base Score : 7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

TCP       443   https    5
Synopsis : It is possible to retrieve file backups from the remote web server.
Description : By appending various suffixes (ie: .old, .bak, ~, etc...) to the names of various files on the remote host, it seems possible to retrieve their contents, which may result in disclosure of sensitive information.
Solution: Ensure the files do no contain any sensitive information, such as credentials to connect to a database, and delete or protect those files that should not be accessible.
Risk Factor: Medium / CVSS Base Score : 5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
Thank you,
Mike
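The port 443 finding above is about backup copies (.old, .bak, ~) left inside the document root and served as plain files. The following script is an added example, not from the original post or from cPanel: it walks a local document root and lists every file whose name ends in a backup suffix, so the administrator can delete or protect them before the next scan. The suffix list and the constructed directory layout are assumptions for illustration.

```python
import os
import tempfile

# Suffixes named in the scanner finding (.old, .bak, ~) plus a few common
# editor/backup variants (assumed; extend to match your scanner's list).
BACKUP_SUFFIXES = (".old", ".bak", ".orig", ".save", ".swp", "~")


def is_backup_name(name: str) -> bool:
    """True if a file name ends in a backup suffix (case-insensitive)."""
    lower = name.lower()
    return any(lower.endswith(s) for s in BACKUP_SUFFIXES)


def find_backup_files(docroot: str) -> list[str]:
    """Walk a document root and return paths (relative to docroot) of files
    whose names carry a backup suffix and would therefore be served as-is
    by a web server that has no rule denying them."""
    hits = []
    for dirpath, _dirs, files in os.walk(docroot):
        for name in files:
            if is_backup_name(name):
                full = os.path.join(dirpath, name)
                hits.append(os.path.relpath(full, docroot))
    return sorted(hits)


def demo() -> list[str]:
    """Build a constructed document root with a few stray backups and report
    the ones that would be exposed (sample layout, not a real site)."""
    root = tempfile.mkdtemp(prefix="docroot_")
    os.makedirs(os.path.join(root, "inc"))
    for rel in ("index.php", "inc/config.php", "inc/config.php.bak",
                "inc/config.php~", "robots.txt", "style.css.old"):
        with open(os.path.join(root, rel), "w") as fh:
            fh.write("placeholder\n")
    return find_backup_files(root)


if __name__ == "__main__":
    for path in demo():
        print("exposed backup candidate:", path)
```

Files the script lists should be moved out of the document root or denied in the web server configuration; a config-level deny also covers backups created later by editors.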