Re: TCPIP Vulnerability Fix in Service Tools -- MIDRANGE-L

Here's more info on the error for ports 80 and 443

"THREAT:
The service/daemon listening on the port shown stopped responding to TCP
connection attempts during the scan"

Then there's a more general one:

"A PCI scan must be allowed to perform scanning without interference from
intrusion detection systems or intrusion prevention systems.
The PCI ASV is required to post fail if scan interference is detected."

Wouldn't that be a good thing? If we need to whitelist their IP they would
need to provide it, which I haven't seen.

So, what is this fix in SST and what does it do? I can't find any docs on
it.

On Wed, Jan 11, 2023 at 9:10 AM Jim Oberholtzer <midrangel@xxxxxxxxxxxxxxxxx>
wrote:

My take would be to cross reference IBM notices with their "Fix". I'll bet
it's a scam at this point unless they can point to a specific error.

--
Jim Oberholtzer
Chief Technical Architect
Agile Technology Architects

On Wed, Jan 11, 2023 at 9:06 AM Brad Stone <bvstone@xxxxxxxxx> wrote:

I am working with a customer who is getting some errors on their PCI

scan.

They weren't getting any errors, then the company told them to turn on

this

TCPIP Vulnerability Fix in Service Tools. Once that was done they got
three errors. One for port 80, one for port 443, and then a general
error. All three errors had to do with a "possible scan interference".

The report shows 0 of 3 scans were completed. They can't explain what a
"scan" is... at least to the customer. I would assume it's a GET or POST
but the website still works fine and I can't find anything in the HTTP

logs

for their "scans". (I didn't expect to if zero scans were completed).

Has anyone heard of this "Fix" in SST, and what it does and what a "Scan"
from a PCI company is and why this would cause these errors?

I almost feel like they're getting scammed since they have to pay if

their

PCI scans aren't all clear. They claim it's for credit card security but
they don't actually do any credit card activity on their system as far

as I

know.. that's all 3rd party stuff.

Bradley V. Stone
www.bvstools.com
Native IBM i e-Mail solutions for Microsoft Office 365, Gmail, or any

Cloud

Provider!
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing

list

To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.