?
Solved

Publish LDAP to Internet

Posted on 2013-06-30
3
Medium Priority
?
158 Views
Last Modified: 2016-01-30
Hi all,

If I opened an LDAP port on our firewall for LDAP enquiry for our Mac clients, could anybody get our LDAP list through port scan from Internet? our staff got many fake spams recently in which the recipient addresses were exist on our Exchange Server. Does this problem related to I open the LDAP port to Internet?

I have disable the LDAP port now. Do I take any actions now?

Thanks
Thomas
0
Comment
Question by:DT1640759
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 82

Accepted Solution

by:
David Johnson, CD, MVP earned 1500 total points
ID: 39289088
Little late shutting the barn door, as the horse has fled. Yes a port query would have found the ldap port open.
0
 

Author Comment

by:DT1640759
ID: 39293960
Hi Ve3ofa,

thanks for your reply, Anyhow LDAP query need to provide logon name and password, even through anybody perform port scan.

Thanks
Thomas
0
 
LVL 82

Expert Comment

by:David Johnson, CD, MVP
ID: 39294046
What are they trying to log on to? You can limit the ldap queries to be only from the local network.
0

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting to know the threat landscape in which DDoS has evolved, and making the right choice to get ourselves geared up to defend against  DDoS attacks effectively. Get the necessary preparation works done and focus on Doing the First Things Right.
The recent Petya-like ransomware attack served a big blow to hundreds of banks, corporations and government offices The Acronis blog takes a closer look at this damaging worm to see what’s behind it – and offers up tips on how you can safeguard your…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses
Course of the Month11 days, 9 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question