Solved

Setup ACL for LDAP Null Base on Windows 2000

Posted on 2002-07-25
2
192 Views
Last Modified: 2013-12-19
I ran ISS on one of my servers and got the following:

LDAP NullBase: LDAP null base returns information
If LDAP allows NULL base in an LDAP search, a user can submit a search that returns information on namingContexts and supported controls.  An attacker could use this information to access directory listings and plan further attacks.

Remedy:  Set up an access list control to prevent users from dumping the base of the tree or issuing a request without knowing the base object.

My question is where and how do I do this and will it adversely affect my clients (they are 98 & 2000).

Thanks.

Please also see my question regarding inverse queries on 2k dns.
0
Comment
Question by:robinsonbpc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 11

Accepted Solution

by:
geoffryn earned 200 total points
ID: 7177420
This vulnerablity exists if your AD is in Mixed mode.  Downlevel clients (Win 9x, NT 4.0) need to be able to make AD/LDAP queries as null/anonymous.  
0
 
LVL 1

Author Comment

by:robinsonbpc
ID: 7193612
Thank you for your help.
0

Featured Post

Manage your data center from practically anywhere

The KN8164V features HD resolution of 1920 x 1200, FIPS 140-2 with level 1 security standards and virtual media transmissions at twice the speed. Built for reliability, the KN series provides local console and remote over IP access, ensuring 24/7 availability to all servers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question