PCI compliance with a 2704N
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- My Router
- :
- PCI compliance with a 2704N
Re: PCI compliance with a 2704N
15-03-2019 5:18 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
@lingtallwill & @Casaitalia2 I've upgraded both of your routers to the latest firmware build.
@Rmontrose your router has dropped off the management platform for some reason, you'll need to factory reset it before I'm able to do the same.
Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵
Re: PCI compliance with a 2704N
15-03-2019 6:16 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Many thanks, firmware is now 7.275.12_F2704N_Plusnet
should this now allow the modem/router to pass the SYN packet tests?
Re: PCI compliance with a 2704N
15-03-2019 6:51 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
If it doesn't, I'd appreciate you messaging me the detail along with the output of any test results and details of who commissioned them.
Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵
Re: PCI compliance with a 2704N
20-03-2019 9:16 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Hi Bob,
The provider is AIB Merchant Service
I've run the scan again and it fails on the same issue:
CVSS Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:P/A:N
Category: Firewalls
CVE ID: BID : 7487 Other references { cert : 464113 }
THREAT:
It may be possible to bypass firewall rules
IMPACT:
The remote host does not discard TCP SYN packets that have the FIN flag set.
Depending on the kind of firewall you are using, an attacker may use this flaw to bypass its rules.
SOLUTION:
Contact your vendor for a patch.
I'll phone them to see what they suggest.
Thanks
Andrea
Re: PCI compliance with a 2704N
20-03-2019 4:46 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Unfortunately we fail with the same issue again -
Worldpay Sysnet.
Category | Firewalls |
CVE | BID : 7487 Other references { cert : 464113 } |
CVSS base score | 5.0 |
Description | TCP/IP SYN+FIN Packet Filtering Weakness |
Threat | - |
Impact | The remote host does not discard TCP SYN packets that have the FIN flag set.<br/><br/>Depending on the kind of firewall you are using, an attacker may use this flaw to bypass its rules. |
Solution | Contact your vendor for a patch. |
PCI compliant | No |
PCI details | - |
Reason | It may be possible to bypass firewall rules. |
PCI details | medium |
Port | 0 / tcp / |
Host name | - |
Host OS | - |
Result
|
Re: PCI compliance with a 2704N
20-03-2019 5:19 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Thanks both.
I've raised the issue with the device vendor and will keep you abreast of any developments (ref: PNADSL-16).
I can't provide any assurances as to when I'll have any news though I'm afraid.
Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵
Re: PCI compliance with a 2704N
20-03-2019 5:23 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Are the newer fibre routers backwards compatible to adsl? if so could we swap out?
Re: PCI compliance with a 2704N
20-03-2019 7:00 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵
Re: PCI compliance with a 2704N
20-03-2019 7:01 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Is the scanning solution available publicly? Would be good to be able to replicate the issue. I did try contacting the merchant earlier but their chat functionality didn't seem to be working particularly well.
Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵
Re: PCI compliance with a 2704N
04-04-2019 12:00 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Hi Bob,
I have been asked to provide a screenshot showing that the firmware on the router is up to date with the latest version.
I will try and log in to my router and do this.
Thanks
Andrea
Re: PCI compliance with a 2704N
05-04-2019 12:57 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
@Casaitalia2, the info at http://192.168.1.254/expert_user.html may be of help.
Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵
Re: PCI compliance with a 2704N
05-06-2019 9:46 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Hi, I'm having the same problem with my PCI compliance. Is it possible to update my router as well
Sagem 2704N
Serial N7162301W000846
Thanks Alan.
Re: PCI compliance with a 2704N
05-06-2019 11:30 AM - edited 05-06-2019 11:31 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Hi Alan,
I've re-added your router onto the hardware management platform. Could you factory reset it using the pinhole at the back? This should push the latest firmware version down to you within 24-48 hours. Let us know how it goes.
Re: PCI compliance with a 2704N
05-06-2019 11:41 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Thanks, will let you know.
Re: PCI compliance with a 2704N
27-06-2019 7:04 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
We are having exactly the same problem with PCI compliance for Grindleford Community shop. I am not clear from this forum whether the problem has been solved for the 2704n router. If there is a solution, I would like to know.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page