The Community Forums

Interact with an entire community of cPanel & WHM users!

PCI Compliance

Discussion in 'Security' started by mickalo, Dec 14, 2009.

  1. mickalo

    mickalo Well-Known Member

    Hello,

    We were informed earlier about some issues with PCI compliance testing and were hoping for some clarification about these issues. They mainly concern the mail ports and SSL port 443:
    Code:
    Protocol Port Program Risk Summary

    TCP 25 smtp 8 Synopsis : An open SMTP relay is running on this port. Description :
    The remote SMTP server is insufficiently protected against relaying. This means that it
    allows spammers to use your mail server to send their mails to the world, thus wasting
    your network bandwidth. Solution: Reconfigure your SMTP server so that it cannot be
    used as a relay any more. Risk Factor: High  / CVSS Base Score :
    7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

    TCP 465 urd 8 Synopsis : An open SMTP relay is running on this port. Description :
    The remote SMTP server is insufficiently protected against relaying. This means that it
    allows spammers to use your mail server to send their mails to the world, thus wasting
    your network bandwidth. Solution: Reconfigure your SMTP server so that it cannot be
    used as a relay any more. Risk Factor: High  / CVSS Base Score :
    7.8 (CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)

    TCP 443 https 5 Synopsis : It is possible to retrieve file backups from the remote web server.
    Description : By appending various suffixes (ie: .old, .bak, ~, etc...) to the names of various
    files on the remote host, it seems possible to retrieve their contents, which may result in
    disclosure of sensitive information. Solution: Ensure the files do no contain any sensitive information,
    such as credentials to connect to a database, and delete or protect those files that should not be
    accessible. Risk Factor: Medium  / CVSS Base Score : 5.0 (CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)
    
    Is there anything we can do to resolve these issues? I believe these ports are also used by the cPanel control panels.

    Thank you,
    Mike
     
  2. BianchiDude

    BianchiDude Well-Known Member
    PartnerNOC

    Well, to fix the 3rd one, you can do that with mod_security.

    For the first two, those may be false positives, which scanner did you use?
     
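    The 443 finding is about backup copies (.old, .bak, ~) of files sitting in the document root where Apache will serve them as plain text. A mod_security rule can block the requests, but the file system is the other place to check; the script below is an added example (not from the thread or from cPanel) that walks a document root and lists backup-suffixed files, flagging those whose originals are assumed to hold credentials. The suffix list beyond .old/.bak/~ and the sensitive-file names are assumptions.

```python
import os
import tempfile

# The scanner in the thread tries .old, .bak and ~; the remaining suffixes are
# assumed common editor/backup leftovers, not from the original post.
BACKUP_SUFFIXES = (".old", ".bak", "~", ".orig", ".save", ".swp", ".copy")

# Originals whose backup copies are most likely to leak DB credentials (assumption).
SENSITIVE_BASENAMES = {"configuration.php", "wp-config.php", "config.php",
                       ".htaccess", ".env"}


def find_backup_files(docroot):
    """Walk a document root and return sorted (relative_path, original_name,
    sensitive) tuples for every file carrying a backup-style suffix that the
    web server would serve verbatim instead of executing."""
    findings = []
    for dirpath, _dirs, files in os.walk(docroot):
        for name in files:
            for suffix in BACKUP_SUFFIXES:
                if name.endswith(suffix) and len(name) > len(suffix):
                    original = name[: -len(suffix)]
                    rel = os.path.relpath(os.path.join(dirpath, name), docroot)
                    findings.append((rel.replace(os.sep, "/"), original,
                                     original in SENSITIVE_BASENAMES))
                    break  # one suffix match per file is enough
    return sorted(findings)


def build_demo_docroot():
    """Constructed sample tree standing in for an account's public_html."""
    root = tempfile.mkdtemp(prefix="public_html_")
    for rel in ("index.php", "config.php", "config.php.bak", "index.php~",
                "css/style.css", "css/style.css.old", "notes.txt"):
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "w") as fh:
            fh.write("// sample content\n")
    return root


if __name__ == "__main__":
    for rel, original, sensitive in find_backup_files(build_demo_docroot()):
        flag = "SENSITIVE" if sensitive else "review"
        print(f"{flag:9} {rel}  (backup of {original})")
```

    Run it against a real docroot by calling find_backup_files("/home/user/public_html"); anything it reports should be deleted or moved outside the document root, which is the scanner's own recommended fix.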
  3. mickalo

    mickalo Well-Known Member

    Yes, we do have mod_security installed, default install from EasyApache.

    I had the cPanel tech people double-check these issues with the mail ports and they found no problems, no open relays. These PCI scans are pretty much bogus and a real pain!!

    Thanks,
    Mike
     
  4. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    And it appears you've been at it for a while now, too.

    http://forums.cpanel.net/f43/pci-compliance-128365.html
     