Preventing Ldap amplification attacks
Question asked by Grizales Grizales - January 4 at 8:17 AM
Unanswered
Hello, many people with Windows servers have had amplification attacks through the LDAP service and port 389. If we apply these changes, what impact will they have on the functioning of Smartermail? Is there a risk that something goes wrong? In Smartermail servers are we also unprotected or do we have any protection in this regard?

Eg support.steadfast.net/Knowledgebase/Article/View/119/0/preventing-ldap-amplification-attacks

Thanks!

2 Replies

Reply to Thread
0
Sébastien Riccio Replied
Hi,

Do you need LDAP to be reachable from internet ? If not, maybe the best is to firewall the LDAP port and only allow access from localhost and/or your local network only.

The best practice is anyway to only expose on internet the ports that are needed to be reached from outside and FW/close the others.


0
echoDreamz Replied
We stop the SM LDAP service as well as block all ports at the firewall that dont need to be open. Should really only open ports you need open. 

Christopher

Reply to Thread