Is that the Citrix hot fix roll-up that ended in "07"? Did that...
For WebDAV, it is our Citrix server - it has IIS 6.0 (with WebDAV "prohibited"). Not sure how do-able is an upgrade to IIS 7.0 (without major assistance)... -- richard From: Webster [mailto:webs...@carlwebster.com] Sent: Friday, January 20, 2012 11:02 AM To: NT System Admin Issues Subject: Re: Citrix security frustrations Why have you not installed HRP7 on your servers? What server is failing on WebDAV? Carl Webster Consultant and Citrix Technology Professional http://www.CarlWebster.com<http://www.carlwebster.com/> From: Richard McClary <richard.mccl...@aspca.org<mailto:richard.mccl...@aspca.org>> Reply-To: NT Issues <ntsysadmin@lyris.sunbelt-software.com<mailto:ntsysadmin@lyris.sunbelt-software.com>> Date: Fri, 20 Jan 2012 14:41:59 +0000 To: NT Issues <ntsysadmin@lyris.sunbelt-software.com<mailto:ntsysadmin@lyris.sunbelt-software.com>> Subject: Citrix security frustrations Greetings! PCI Compliance scan on our Citrix system ("old" Presentation Server 4.5 on IIS 6.0) done back in October included these remediation steps: Disable WebDAV: As per instructions, I went into the IIS manager, web extensions, and saw it was "Prohibited". It still is. However, the scan done last week shows the same thing - indicates nothing was done. Disable TLS Renegotiation: According to the Citrix site, the solution is to apply Hot Fix PSE450R06W2K3030. So, after seeking the version for PS 4.5 and applying it, guess what? "Disable TLS Renegotiation" again. @#*& !!! ??? I mean, it's bad enough that SSL 3.0 and TLS 1.0 have been cracked (no mention of that in the scan report), but this stuff (which is supposed to have been remedied by those who have been faithfully applying MS patches over the years) is nuts! ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com<mailto:listmana...@lyris.sunbeltsoftware.com> with the body: unsubscribe ntsysadmin The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals® (ASPCA®) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin