11-08-2019 02:38 AM - edited 02-21-2020 09:40 AM
Hello guys.
After a security scan, the finding was that ASA reveals to much information on TCP/443 port. For example, a simple nmap scan shows:
PORT STATE SERVICE VERSION
443/tcp open ssl/http Cisco ASA SSL VPN
while the scanner (I don't know which one) shows:
The remote host is running CISCO ASA 5500.
So the question is, is it possible to remove or alter this information?
The ASA is running 9.8(4)7 code.
Thanks.
Solved! Go to Solution.
11-08-2019 07:40 PM
Correct.
The answer I provided applies to both clientless and client-based SSL VPN.
11-08-2019 02:52 AM
It cannot be removed unless you aren't using the ASA for SSL VPN.
11-08-2019 03:31 AM
11-08-2019 07:40 PM
Correct.
The answer I provided applies to both clientless and client-based SSL VPN.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide