This is what the scan report told me to do. Is this even a problem that can be solved in a browser? I have akamai installed on my mac and they say that may be giving a false problem concerning the sslv2. I have no idea how to change the ciphers used.
- All posts
- Helpful Solutions
Generally speaking, changes required for PCI compliance are changes you would make on your web server and not on your browser.
Firefox stopped using SSLv2 in Firefox 2. See: https://developer.mozilla.org/en-US/docs/Security_in_Firefox_2
There are some sites that help you test for SSLv2 support on your server. This one came up in a search: http://foundeo.com/products/iis-weak-.../test.cfm.
Hope this helps.
ATT says the modem for household use that I have cannot be configured to use the more secure CR4 cipher and disable sslv2 settings. Says I need to get a modem designed for business network use. What a nightmare. All I do is go to a pay gateway website and enter in my customer's credit card numbers, which then is deposited into my bank account. Seems this is the same as any credit card purchase I would make online and that ATT should have security for those transactions covered already. The pay gateway site does use CR4, but the scan has failed me because apparently my modem does not. I am not operating an e-commerce website. (I meant to say false POSITIVE in my question above, not false problem.)
I don't know why your modem needs to be compliant, since you are only connecting outwards. Are you working with a merchant services company? They might be able to help clarify the requirements.
Thanks so much for your input. The merchant services company I use hired Trustkeeper to do the scans so they can be PCI compliant. I have been "round and round" with Trustwave. They keep repeating what is on the scan report and do not provide any technical support. That is up to me. They keep saying to contact my IT person, (which would be me..haha). I will ask Trustwave to answer the question you posed and will also contact the merchant services company, although I imagine they will be clueless.
- IMPORTANT ANNOUNCEMENT: We’re going through some system changes, that may have slowed responses to your questions. If you had asked a question in the last couple of months, please re-post it and the community will help you as soon as we can. If you’ve registered after February 7th, please register again, the accounts on the previous site were not migrated to this temporary site. If you joined us before February 7, please reset your password if you have trouble logging into this temporary site.