Failed Barclaycard security scan

brightside229 · 10 Jul 2024 at 15:07

I work for a small company, and we have 3 terminals for card payments, every now and again terminal provider ask for IP address and they do a scan, they are saying that the scan has failed on security on ports 61115 and 51119 and are asking to install a SSL security certificate. The terminals are wireless.

bearing in mind we have never failed a scan before, and nothing network wise has changed since the last one a few months ago.

We have no idea how to install the security certificate, is this something that can be done on the router itself? it is a linksys WRT.

Any help would be appreciated.

Barclaycard are not really being any help, other than saying we need to install thes certificates to pass.

General remote services

Secure Sockets Layer/Transport Layer Security (SSL/TLS) Server supports Transport Layer Security (TLSv1.0)

61116 / tcp over ssl

Secure Sockets Layer/Transport Layer Security (SSL/TLS) Server supports Transport Layer Security (TLSv1.0)

51119 / tcp over ssl

General remote services

SSL Certificate - Signature Verification Failed Vulnerability

51119 / tcp over ssl

General remote services

SSL Certificate - Signature Verification Failed Vulnerability

61115 / tcp over ssl

just to clarify these are port numbers that we do use for remote access on 2 machines. But we also have other port numbers used that are scanning fine? So would the issue be on these two machines that have the open ports?

brightside229 · 10 Jul 2024 at 15:59

Caged said:
When you say remote access do you mean you have RDP open to the internet?

yes these ports are used for access to RDP on these machines and port forwarded on the router.

brightside229 · 10 Jul 2024 at 16:03

Caged said:
Ok, not to be deliberately harsh here but from your own words and scan results it's clear that your company does not have the skills required to maintain a secure environment. You should request to swap your card terminals for 4G/5G connected devices that do not touch your network in any way.

the RDP has been set up like this by an "it professional" many years ago, i guess this is not a good approach these days?

brightside229 · 10 Jul 2024 at 19:30

visibleman said:
Opting for a third party, TeamViewer/HelpWire, or VPN (your Linksys may support OpenVPN which could be a solution) solution would be the typical setup for SMB environments. Exposing RDP directly to the internet isn't particularly the best of ideas unless it's properly secured.

Given your current situation, the easiest solution is as @Caged says and opt for mobile network variants of the terminals as it removes the burden of securing your network. Alternatively, disable RDP/stop exposing the ports to the internet.

Router does support open vpn yes

brightside229 · 11 Jul 2024 at 11:33

Well, thanks for the help, or lack of...

Anyway, Ports have been closed for the RDP connections, and have now set up cloudconnexa for remote access on the machiens that require it, so the PCI has now been passed.

brightside229 · 11 Jul 2024 at 12:23

Caged said:
Not having this attitude, you came here for advice and you got it. Your issue is that you weren't pampered.

I did not start with an attitude. It changed with the "help" i received.

Again, i never initially set up this RDP this way, I only needed to fix the issue. I should have just googled it first i suppose rather than asking a question on here.

brightside229 · 11 Jul 2024 at 16:10

will have a look into it further, thank you for your suggestion, appreciate it!