Re: TCPIP Vulnerability Fix in Service Tools

I am working with a customer who is getting some errors on their PCI scan.

They weren't getting any errors, then the company told them to turn on this
TCPIP Vulnerability Fix in Service Tools. Once that was done they got
three errors. One for port 80, one for port 443, and then a general
error. All three errors had to do with a "possible scan interference".

The report shows 0 of 3 scans were completed. They can't explain what a
"scan" is... at least to the customer. I would assume it's a GET or POST
but the website still works fine and I can't find anything in the HTTP logs
for their "scans". (I didn't expect to if zero scans were completed).

Has anyone heard of this "Fix" in SST, and what it does and what a "Scan"
from a PCI company is and why this would cause these errors?

I almost feel like they're getting scammed since they have to pay if their
PCI scans aren't all clear. They claim it's for credit card security but
they don't actually do any credit card activity on their system as far as I
know.. that's all 3rd party stuff.

Bradley V. Stone
www.bvstools.com
Native IBM i e-Mail solutions for Microsoft Office 365, Gmail, or any Cloud
Provider!
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.