Preventing Ldap amplification attacks
Question asked by Grizales Grizales - 1/4/2019 at 8:17 AM
Hello, many people with Windows servers have had amplification attacks through the LDAP service and port 389. If we apply these changes, what impact will they have on the functioning of Smartermail? Is there a risk that something goes wrong? In Smartermail servers are we also unprotected or do we have any protection in this regard?

Eg support.steadfast.net/Knowledgebase/Article/View/119/0/preventing-ldap-amplification-attacks


2 Replies

Reply to Thread
Sébastien Riccio Replied

Do you need LDAP to be reachable from internet ? If not, maybe the best is to firewall the LDAP port and only allow access from localhost and/or your local network only.

The best practice is anyway to only expose on internet the ports that are needed to be reached from outside and FW/close the others.

Sébastien Riccio
System & Network Admin

echoDreamz Replied
We stop the SM LDAP service as well as block all ports at the firewall that dont need to be open. Should really only open ports you need open. 

Reply to Thread