Page 1 of 1

PCI scan failing can FileZilla help

Posted: 2013-10-21 17:29
by kmideas
Hi,

I'm getting a "Unencrypted Communication Channel Accessibility" error on ports 990 and 5050 when I run Trustwave PCI scan.

Port 5050 is the Listening Port in general settings.
Port 990 is set to Listen for Implicit SSL/TLS
I've created a certificate and have it assigned in the Private Key File and Certificate File.
Enable FTP over SSL/TLS is checked
Allow Explicit over TLS is checked
Disallow Plain Unencrypted FTP is checked
Force PROT P to encrypt... is checked.

My understanding is 990 is port designated for FTPS.

Is there anything more I need to do to make the FTP more secure so I can pass the PCI?

Thanks.

Re: PCI scan failing can FileZilla help

Posted: 2013-10-21 20:35
by botg
False-positive from that scanning tool. Due to the nature how these tools work, they can't know that users cannot login without having to first secure the control connection using AUTH TLS.

Re: PCI scan failing can FileZilla help

Posted: 2013-10-21 20:38
by kmideas
Thank you for the explanation.