I need a solution
I have a customer that must be PCI certified.
They have two server in two different location running Symantec Endpoint Protection Small Business Edition Version 12.1 10000.157 RU1
After a Penetration test from the PCI auditor they told me that in each server I have two ports on the Apache Webserver that supports Trace and/or Track http methods and have to be fixed.
I have been reading a lot and I can't find first the command to test that are in risk or what to see in the output (curl and openssl command) and also I can't find the solutions because many site talk about how to fix the trace but not the track.
The ports that are having problem are the 8014 and 8445.
Any help I will really appreciate.