TCP Source Port Pass Firewall PCI DSS fails

Hello all,
I have scanned my domain and found 1 vulnerability in my server mentioned below.

TCP Source Port Pass Firewall

THREAT: Your firewall policy seems to let TCP packets with a specific source port pass through.

IMPACT: Some types of requests can pass through the firewall. The port number listed in the results section of this vulnerability report is the source port that unauthorized users can use to bypass your firewall.

SOLUTION: Make sure that all your filtering rules are correct and strict enough. If the firewall intends to deny TCP connections to a specific port, it should be configured to block all TCP SYN packets going to this port, regardless of the source port.

RESULT: The host responded 4 times to 4 TCP SYN probes sent to destination port 24567 using source port 53. However, it did not respond at all to 4 TCP SYN probes sent to the same destination port using a random source port.

I’m using Cloudflare and have closed the DNS service and port on the server,
but I’m still facing the issue.
Can anyone guide me on how to resolve this issue?
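The rule-ordering mistake the SOLUTION text describes, shown as an added example (not code from this thread or from Cloudflare): a toy first-match packet filter with the leaky ordering beside the strict one, probed the way the scanner does. Port 24567 is the destination port from the report; the rule names and everything else are constructed.

```python
# Added example: minimal model of a stateless first-match packet filter that
# reproduces the "TCP Source Port Pass Firewall" finding and its fix.
from dataclasses import dataclass
from typing import List, Optional, Tuple
import random


@dataclass(frozen=True)
class Rule:
    action: str                  # "accept" or "drop"
    dport: Optional[int] = None  # destination port to match (None = any)
    sport: Optional[int] = None  # source port to match (None = any)


@dataclass(frozen=True)
class Syn:
    sport: int
    dport: int


def evaluate(policy: List[Rule], pkt: Syn, default: str = "drop") -> str:
    """First matching rule wins (like an iptables chain); unmatched packets get the chain default."""
    for r in policy:
        if r.dport not in (None, pkt.dport):
            continue
        if r.sport not in (None, pkt.sport):
            continue
        return r.action
    return default


# Leaky policy (constructed): a blanket "accept anything from source port 53", added to let
# DNS replies through on a stateless firewall, is evaluated before the drop for the closed port.
LEAKY = [Rule("accept", sport=53), Rule("drop", dport=24567)]

# Strict policy (constructed): the drop for the closed port comes first and ignores the source port.
STRICT = [Rule("drop", dport=24567), Rule("accept", sport=53)]


def probe(policy: List[Rule], dport: int, sport: int, count: int = 4) -> int:
    """Mimic the scanner: send `count` SYNs and count how many the filter lets through."""
    return sum(evaluate(policy, Syn(sport, dport)) == "accept" for _ in range(count))


def scanner_finding(policy: List[Rule], dport: int = 24567, count: int = 4, seed: int = 0) -> Tuple[int, int]:
    """Return (responses to SYNs from source port 53, responses to SYNs from a random high port)."""
    rng = random.Random(seed)
    return probe(policy, dport, 53, count), probe(policy, dport, rng.randint(1024, 65535), count)


if __name__ == "__main__":
    print("leaky :", scanner_finding(LEAKY))   # (4, 0): the result quoted in the report
    print("strict:", scanner_finding(STRICT))  # (0, 0)
```

On a real Linux host the strict ordering is usually expressed statefully instead: accept packets in `ESTABLISHED,RELATED` conntrack state first, then drop unsolicited SYNs to closed ports, so no source-port exception is needed at all.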

Then it’s solved.

Here’s a similar thread.


Yes, I have seen that topic and tried the solution, but I am still facing the issue.
Can you please guide me more on this?

If you read the entire thread, you would have seen it’s a false positive. It included a way to scan the actual origin, rather than the proxy.
