> I've been trying to deal with security scans and getting my server up to
> PCI-Compliance standards. One "ding" that has been an issue from the start
> has involved what the scan refers to as "dced". The first support tech at
> the scanning company didn't know what it was. I can't find out very much
> from searching, either. (I've found the acronym has a lot to do with
> certain state agencies, however!) Here's the text from the security scan:
>
> Title: possible vulnerability in HP dced
> Impact: A remote attacker could execute arbitrary commands with root
> privileges.
> Resolution: Apply patch PHSS_29963 for HP-UX 11.00, PHSS_29964 for HP-UX
> 11.11, or PHSS_29966 for HP-UX 11.23.
> HP-UX patches are available from the [http://itrc.hp.com] HP Resource Center.
> Patch information for Tru64 users is available from
> [http://support.entegrity.com/private/patches/dce/ssrt4741.asp] Entegrity.
> Patch information for OpenVMS is available from
> [http://www.securityfocus.com/archive/1/368882] SSRT 4741.
>
> This may have something to do with virtualization from what I've gathered.
> I'm on a Virtual Private Server, at this point. So, that would make some
> sense. There's no program or port referenced by the scanning results,
> either. Clues and advice anyone? Thanks!
> Rick

This (dced) is a program found on HP-UX. Are you running on HP-UX,
Tru64 or OpenVMS? (My guess is no.) If you're not, you should go back
to the scanning vendor and tell them that you're not running an OS
with that vulnerability.

I'm not that familiar with scanning specifically for PCI compliance,
but aren't they scanning the interface from a public network? If so,
you should have a very small number of listening ports. Maybe just
two: TCP/80 and TCP/443. There is no reason why you'd expose TCP/135
to a public network (especially if you're running Windows).

Dave Watts, CTO, Fig Leaf Software
http://www.figleaf.com/
http://training.figleaf.com/

Fig Leaf Software is a Veteran-Owned Small Business (VOSB) on
GSA Schedule, and provides the highest caliber vendor-authorized
instruction at our training centers, online, or onsite.
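
An added example, not part of the original message: one way to check a Linux server against the "just TCP/80 and TCP/443" expectation in the reply above is to list every TCP listener that is not bound to loopback and is not on that allowlist. The sample input is constructed, in the layout of `ss -ltnH` output; the function names and the allowlist constant are assumptions of this example.

```python
import ipaddress

# Assumption: the only ports meant to face the public network,
# as named in the reply above.
ALLOWED_PUBLIC_PORTS = {80, 443}

# Constructed sample in the layout of `ss -ltnH`
# (listening TCP sockets, numeric ports, no header row).
SAMPLE_SS_OUTPUT = """\
LISTEN 0 511 0.0.0.0:80 0.0.0.0:*
LISTEN 0 511 [::]:443 [::]:*
LISTEN 0 128 127.0.0.1:3306 0.0.0.0:*
LISTEN 0 128 0.0.0.0:135 0.0.0.0:*
LISTEN 0 128 *:8500 *:*
LISTEN 0 128 [::1]:25 [::]:*
LISTEN 0 128 192.0.2.10%eth0:22 0.0.0.0:*
"""

def split_local(field):
    """Split ss's 'Local Address:Port' column into (host, port)."""
    host, _, port = field.rpartition(":")
    # Drop IPv6 brackets and any %interface scope suffix.
    host = host.strip("[]").split("%", 1)[0]
    return host, int(port)

def is_loopback(host):
    """True only for addresses that cannot be reached from another machine."""
    if host == "*":                # wildcard bind: every interface
        return False
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False               # unparseable: treat as reachable

def unexpected_listeners(ss_output, allowed=ALLOWED_PUBLIC_PORTS):
    """Return sorted (host, port) pairs listening off-loopback on a
    port outside the allowlist."""
    findings = set()
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] != "LISTEN":
            continue
        host, port = split_local(cols[3])
        if is_loopback(host) or port in allowed:
            continue
        findings.add((host, port))
    return sorted(findings, key=lambda f: (f[1], f[0]))

if __name__ == "__main__":
    for host, port in unexpected_listeners(SAMPLE_SS_OUTPUT):
        print(f"unexpected listener: {host} port {port}")
```

A local listing does not account for a firewall in front of the host, so a port flagged here may still be unreachable from the scanner's side; the external scan result remains the reference for what is actually exposed.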
