Server Vulnerability Scan

Página Principal
Esta mensagem é parte da seguinte discussão:
Ma lista completa das discussões ordenadas por data
M 
MLisa Kachold em ->
Anexos:
Mensagem como email
+ (text/plain)
Apagar esta mensagem
Responder a esta mensagem
Autor: keith smith
Data:  
Para: PLUGAZ
Assunto: Server Vulnerability Scan


I have been working on an online store for a while. Part of what I am tasked with is keeping the cart Payment Card Industry (PCI) complaint.

I'm more of a programmer so my sys admin skills are not as developed as i would like.

We hired a company who scans our server and reports back to us.

Here is one of about 10 questions I have.

They report :

We were able to determine which versions of the SSH protocol the remote SSH daemon supports.

This gives potential attackers additional information about the system they are attacking.

AND

It is possible to obtain information about the remote SSH server by sending an empty authentication request.

I ran nmap and the SSH port does not show. I've looked in the sshd_config and find nothing that would alert me to how I can turn off reporting it's config or it's existence.

Any help much appreciated!

------------------------
Keith Smith



---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss

Esta mensagem foi colocada nas seguintes mailing lists:
Plug Discuss
Informação da Mailing List | Mensagens Perto		<-Re: Cross Platform FilesystemsRe: Cross Platform Filesystems->
Some Mailing List Archive administrado por UnconfiguredLurker (versão 2.3)