Solved

Reverse NAT/Intercepting Proxy Detection

Posted on 2011-09-14
2
1,001 Views
Last Modified: 2012-06-27
Hello,

I'm doing a PCI complience scan on my network and one of the Vulnerabilities that comes up is:

Reverse NAT/Intercepting Proxy Detection
Port 0/tcp

+ On the following port(s) :
- 3389 (8 hops away)

The operating system was identified as :

Microsoft Windows 2000
Microsoft Windows XP

+ On the following port(s) :
- 443 (8 hops away)
- 110 (8 hops away)
- 143 (8 hops away)
- 25 (8 hops away)
- 80 (8 hops away)

The operating system was identified as :

Microsoft Windows 2000
Microsoft Windows Server 2003  


Any Idea how I can adjust the settings on these devices?
0
Comment
Question by:vrosas_03
2 Comments
 
LVL 6

Accepted Solution

by:
jgibbar earned 500 total points
ID: 36540699
At first glance, it would appear that the first PC is a WIndows PC with Remote Desktop enabled.
 -- Just disable remote access

If I was to guess, the second would be a mail server? (HTTP (80), HTTPS (443), SMTP (25), A common SSL Port for SMTP (143)
 -- Probably need these to remain open in order to function if the Host is an authorized main server.
0
 

Author Closing Comment

by:vrosas_03
ID: 36541024
WOW. Thanks!!! I disabled remote access on the firewall and disabled the webmail via IIS and those vulnerabilities were gone.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Modify local Group Policy through powershell 5 69
SSL certificate pack 6 160
PCAnywhere 2 100
About proetction-security my RDP,Something free and eficient ? 3 70
SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Read about achieving the basic levels of HRIS security in the workplace.
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
With the power of JIRA, there's an unlimited number of ways you can customize it, use it and benefit from it. With that in mind, there's bound to be things that I wasn't able to cover in this course. With this summary we'll look at some places to go…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

24 Experts available now in Live!

Get 1:1 Help Now