This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

website Vulnerability report

I recently moved from TMG to sophos UTM and I have published several websites through the firewall. My company gets scans PCI compliance and we just failed our most recent scan because The HTTP TRACE and/or TRACK methods are enabled on this web server. I can't find for the life of me, a place to block this on the sophos UTM. Any help would be appreciated.


This thread was automatically locked due to age.
Parents
  • Ok if you are going through the UTM then start a support ticket...Bob's pointing to that feature request is an indicator there's a problem..[:)]  However I would check your internal webservers to make sure they do not have this trace method turned on.

    Owner:  Emmanuel Technology Consulting

    http://etc-md.com

    Former Sophos SG(Astaro) advocate/researcher/Silver Partner

    PfSense w/Suricata, ntopng, 

    Other addons to follow

Reply
  • Ok if you are going through the UTM then start a support ticket...Bob's pointing to that feature request is an indicator there's a problem..[:)]  However I would check your internal webservers to make sure they do not have this trace method turned on.

    Owner:  Emmanuel Technology Consulting

    http://etc-md.com

    Former Sophos SG(Astaro) advocate/researcher/Silver Partner

    PfSense w/Suricata, ntopng, 

    Other addons to follow

Children
No Data