We have had PCI compliance for about 4 months straight then all of a sudden this comes up:
Fail Serious Port: 21 Protocol: tcp Summary : attempts some buffer overflows CVSS Base Score : 10.0 (CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C) CVSS Temporal Score : 8.3 (CVSS2#E:F/RL:OF/RC:C) Public Exploit Available : true CVE : CVE-1999-0219, CVE-2000-0870, CVE-2000-0943, CVE-2000-1035, CVE-2000-1194, CVE-2002-0126, CVE-2003-0271, CVE-2005-0634, CVE-2005-1415 BID : 269, 1227, 1675, 1690, 1858, 3884, 7251, 7278, 7307, 12704, 13454
The server has cPHulk Brute Force Protection on and FTP users are required to use SFTP. I do not understand how I can secure this anymore than I have... I do not want to change my Brute Force Protection settings because it currently just drops the user and doesn't give them any message, and I am afraid that is what is happening. The audit company is Trust Guard; does anyone have any suggestions or has anyone had a similar experience?
Umm... maybe I'm out of the loop here, but why is port 21 listening if you're using SFTP? Shouldn't it be port 22?