RE: ldap_sasl_interactive_bind_s: Can't contact LDAP server (81)
Mon, 2002-12-09 at 20:56, Dan Rossi wrote:
> process is on
>
> running tupan
<snip>
</snip>
> running tupa
<snip>
</snip>
> doesn't seem to be showing up?
Absolutely nothing to do with ldap there, whatsoever. However, as a
security man I'd advise you to consult your own on-site security fellow
at the very first opportunity and show him what you posted.
Anyway, what you asked about opening/closing ports for SASL: SASL would
make use of standard ldap ports (389, 636), unless you tell a client
that you have ldap / ldap-tls on another port (I use 9009 for a test
DSA, for example). Then you'd have to open up 9009 for external clients
and they would have to do stateful inspection on their own originating
high ports (out: allow new, established; in: allow established). You can
limit client IP addresses with Netfilter or tcp_wrappers (Netfilter is
best).
> and what would this mean
> c16447.ran:microsoft-ds
microsoft-ds is a tcp/udp service on port 445 (/etc/services). What it
does I do not know (Google, Alltheweb) and it most probably should not
be there :-) unless you mean it to be.
Best,
Tony
--
Tony Earnshaw
When all's said and done ...
there's nothing left to say or do.
e-mail: tonni@billy.demon.nl
www: http://www.billy.demon.nl
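
The server-side filtering described in the message above (an LDAP listener on a non-standard port such as 9009, opened only to chosen client addresses, with return traffic allowed statefully), as an added example that is not part of the original post. The function name `ldap_ruleset` is hypothetical and the client addresses are constructed documentation ranges.

```shell
#!/bin/sh
# Added example: print an iptables-restore ruleset for a host running an
# LDAP server on a chosen port, reachable only from listed client addresses.
# Usage (addresses are constructed samples):
#   ldap_ruleset 9009 192.0.2.0/24 198.51.100.7 | iptables-restore --test
# The INPUT policy is DROP and only the LDAP port is opened; add rules for
# your other services (SSH and so on) before loading it for real.

ldap_ruleset() {
    port=$1
    # Reject anything that is not a plain decimal port number.
    case $port in
        ''|*[!0-9]*) echo "invalid port: $port" >&2; return 1 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2
        return 1
    fi
    shift
    # With no client list the port would be open to everyone: refuse.
    if [ "$#" -eq 0 ]; then
        echo "no client addresses given for port $port" >&2
        return 1
    fi

    echo '*filter'
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    echo '-A INPUT -i lo -j ACCEPT'
    # Stateful part: packets of connections already accepted pass here.
    echo '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    # New LDAP connections are accepted only from the listed sources.
    for cidr in "$@"; do
        echo "-A INPUT -p tcp -s $cidr --dport $port -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo 'COMMIT'
}
```
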