PEN Test Query - Firewall responds to port 4104 but that doesn't show in PolicyManager
This is my first post, so please be kind.
We recently had a pen test, which raised an issue with the certificate on our firewall, because "the host name doesn't match the supplied URI".
The tester is connecting on an IP and Port, not a host name, so that's not a surprise.
The part that confuses me, is that they found this on port 4104 (As well as others , I'm just using this one as my example).
Reading down the rules we have in policy manager, we don't have anything that should expose that port to the WAN.
I have since disabled client downloads, as we have no need for that functionality, hoping that that may remove the issue, but when I re-scan I still see the issue.
I have a few questions
How do I stop the firewall responding on these random ports ?
Is there a checklist of recommended settings that I can use to avoid things like this in future ?