The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Internet Key Exchange fails PCI Scan

Discussion in 'Security' started by tagteam, May 21, 2013.

  1. tagteam

    tagteam Member

    Joined:
    May 21, 2013
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    my pci scan showed up this as a problem and I would like some help in figuring out how to get it resolved. I cant seem to find anything in google about it.

    Description
    The remote Internet Key Exchange (IKE) version 1 service seems to
    support Aggressive Mode with Pre-Share key (PSK) authentication. Such
    configuration could allow an attacker to capture and crack the PSK of a
    VPN gateway and gain unauthorized access to private networks.

    Solution
    - Disable Aggressive Mode if supported.
    - Do not use Pre-Shared key for authentication if it's possible.
    - If using Pre-Shared key cannot be avoided, use very strong keys.
    - If possible, do not allow VPN connections from any IP addresses.
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    Could you provide more details about the OS you are using? Also, what environment is the server hosted on (VPS/Dedicated) and what virtuallization software is used (if any)? Which company handled the PCI scan?

    Thank you.
     
  3. tagteamcomputin

    tagteamcomputin Registered

    Joined:
    Jan 8, 2012
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    I am on a dedicated server using centos 6.4
    I am not using any virtualization sofwtware that I am aware of.
    The pci scan was done by 403 labs
    I have password authentication disabled so I think I need to use IKE but it may be something different that I am not thinking of. I dont use anything like whm to automatically connect to the server to do anything.
    Thanks for any help
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,854
    Likes Received:
    676
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
  5. tagteamcomputin

    tagteamcomputin Registered

    Joined:
    Jan 8, 2012
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    They are saying that I am using a VPN. Is there some software in cpanel or whm that is seen as a vpn? The only thing i use is the web admin and ssh. I don't know if there is something that makes the web admin look like a VPN.
     
  6. cPanelJared

    cPanelJared Technical Analyst
    Staff Member

    Joined:
    Feb 25, 2010
    Messages:
    1,842
    Likes Received:
    18
    Trophy Points:
    38
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    There is nothing in cPanel that should be seen as a VPN. cPanel has nothing to do with VPN configuration.
     
  7. quizknows

    quizknows Well-Known Member

    Joined:
    Oct 20, 2009
    Messages:
    942
    Likes Received:
    57
    Trophy Points:
    28
    cPanel Access Level:
    DataCenter Provider
    Look at the port number they list in the report. If it's a cPanel service, dispute it as a false positive. Some PCI vendors assume the services running on cPanel TCP ports are other services, and falsely fail you for the service you're not even running.
     
Loading...

Share This Page