Sophos AP/APX users may experience issues registering to Sophos Central. More info available here: Central Wireless
We'd love to hear about it! Click here to go to the product suggestion community
I noticed when I enter the following in CLI:
nmap --script ssl-enum-ciphers -p 9980 <IP Address here> (ie. 10.x.x.1)
it shows port 9980 is vulnerable to TLSv1.0. Is there a way to correct this? Is port 9980 important? Is there a way to close port 9980?
Is use this Wikipedia article for information about official and unofficial port usage
The list does not define 9980, so it is proprietary to some application.
The acceptable TLS settings are determined by the endpoints, so you need to find that machine and change its settings.
Windows products have tailorable ciphersuites if the product is using the (default) SCHANNEL security provider.
If it is a website on a server which is too obsolete to support better ciphersuites, you might be able to put UTM Webserver Protection in front of it to enforce TLS 1.2.
In reply to DouglasFoster:
The reason I brought it up, was because I noticed the IP Addresses that were affected were from the Sophos Interface section. For an example 10.5.1.1
if you have NMAP, run this line:
nmap --script ssl-enum-ciphers -p 9980 10.5.5.1
(You'll have to change the IP address of course.)
and then you'll see the results if you're affected or not.
In reply to Vi Tran:
This post has everything that I could assemble about UTM port usage, and 9980 is not in my list.
However, many of the default ports can be overridden, so perhaps your configuration has been customized by a prior network administrator.
Please ask Sophos Support to help you figure it out. If the port is used by default, please reply to that posting with details of where the port is typically used.