DrayTek UK Users' Community Forum
Help, Advice and Solutions from DrayTek Users
PCI Compliance
- mattfletcher
- Topic Author
- Offline
- New Member
Less
More
- Posts: 5
- Thank you received: 0
13 Dec 2010 11:47 #65234
by mattfletcher
PCI Compliance was created by mattfletcher
Hello, our external IP is being tested for PCI compliance and we are failing with the following messages. Does anyone know what needs to be updated or perhaps disabled - it's a Vigor2910.
TCP 443 https 4 Synopsis : The remote service supports the use of weak SSL ciphers. Description : The remote host supports the use of SSL ciphers that offer either weak encryption or no encryption at all. Note: [More]
TCP 443 https 4 Synopsis : The remote service supports the use of anonymous SSL ciphers. Description : The remote host supports the use of anonymous SSL ciphers. While this enables an administrator to set up a [More]
TCP 443 https 4 Synopsis : The remote service supports the use of medium strength SSL ciphers. Description : The remote host supports the use of SSL ciphers that offer medium strength encryption, which we currently [More]
TCP 443 https 4 Synopsis : The remote service supports the use of weak SSL ciphers. Description : The remote host supports the use of SSL ciphers that offer either weak encryption or no encryption at all. Note: [More]
TCP 443 https 4 Synopsis : The remote service supports the use of anonymous SSL ciphers. Description : The remote host supports the use of anonymous SSL ciphers. While this enables an administrator to set up a [More]
TCP 443 https 4 Synopsis : The remote service supports the use of medium strength SSL ciphers. Description : The remote host supports the use of SSL ciphers that offer medium strength encryption, which we currently [More]
Please Log in or Create an account to join the conversation.
- njh
- Offline
- Member
Less
More
- Posts: 306
- Thank you received: 0
13 Dec 2010 12:31 #65235
by njh
2900Gi/v2.5.6; 2900/v2.5.6
Replied by njh on topic PCI Compliance
Have you got remote administration enabled or disabled?
2900Gi/v2.5.6; 2900/v2.5.6
Please Log in or Create an account to join the conversation.
- mattfletcher
- Topic Author
- Offline
- New Member
Less
More
- Posts: 5
- Thank you received: 0
14 Dec 2010 17:21 #65253
by mattfletcher
Please Log in or Create an account to join the conversation.
- benji
- Offline
- Junior Member
Less
More
- Posts: 44
- Thank you received: 0
20 Dec 2010 18:46 #65327
by benji
Replied by benji on topic PCI Compliance
If its disabled and your IP is being scanned externally surely that suggests you have port 443 open and a HTTPS server behind the Draytek that is triggering the result?
Please Log in or Create an account to join the conversation.
- mattfletcher
- Topic Author
- Offline
- New Member
Less
More
- Posts: 5
- Thank you received: 0
21 Dec 2010 10:17 #65332
by mattfletcher
Replied by mattfletcher on topic PCI Compliance
Allow management from the Internet is off
There are no ports set up on NAT
There is no DMZ defined
There are no items listed in "open ports"
I don't know where else to look. I've done a portscan from outside and it does not show 443 as open.
There are no ports set up on NAT
There is no DMZ defined
There are no items listed in "open ports"
I don't know where else to look. I've done a portscan from outside and it does not show 443 as open.
Please Log in or Create an account to join the conversation.
- mattfletcher
- Topic Author
- Offline
- New Member
Less
More
- Posts: 5
- Thank you received: 0
06 Jan 2011 11:41 #65494
by mattfletcher
Please Log in or Create an account to join the conversation.
Moderators: Chris, Sami
Copyright © 2024 DrayTek