That's the way it worked for me, Michael.

They just port scan the IP, and look up what usually runs on that port. I had some stuff running on odd-ball ports on the router in front of the server. Their port scan detected the ports, and refused to pass the PCI Compliance until I shut it down. In my case, they couldn't even have checked for a response, to see what prompt or response came back (and guess the service/program from that) - because it was encrypted. But they saw they could make a connection to those odd-ball ports, and that was enough for them to say NO WAY!

Chuck

---------- Original Message -----------
From: Michael Stauber <mstau...@blueonyx.it>
To: blueonyx@mail.blueonyx.it
Sent: Thu, 30 Aug 2018 12:10:04 -0500
Subject: [BlueOnyx:22364] Re: PCI - lighttpd

> Hi Tim,
>
> > Here is the report from doing
> >
> > netstat -tupan|grep LISTEN
> >
> > Nothing for port 42443
> >
> > Correct?
>
> Correct.
>
> > Could nginx be affecting their PCI scans?
>
> No. When you activate Nginx, Apache releases port 443 and Nginx binds to
> port 443. Port 42443 isn't involved in that.
>
> I wonder how they came to the conclusion that lighttpd was running on
> port 42443. Did they have access to the server for the check? If not,
> then all they could do was a portscan, which is not really conclusive
> without further analysis of what was going on at that port.
>
> --
> With best regards
>
> Michael Stauber
> _______________________________________________
> Blueonyx mailing list
> Blueonyx@mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx
------- End of Original Message -------