> On Sep 30, 2016, at 06.55, Michael Ströder <michael@stroeder.com> wrote: > > Sreekanth Sukumaran wrote: >> >> Sorry, I missed to add subject in the last mail. Resending with subject. sorry >> about spamming the group >> >> Hi All, >> >> OpenLDAP version : 2.4.39 on windows >> Tool used : Microsoft Attack surface analyzer >> >> We have been doing attack surface analysis on OpenLDAP server, and we have found >> that there is an UDP port 63515 associated with OpenLDAP server. (state shows >> "Unknown", not listening or established) >> >> Inline image 1 >> >> We have not connected any clients to OpenLDAP server, so we cannot think of it >> as an ephemeral port at server end as well. >> >> Has anyone an idea on what this port could be for. Inputs are much appreciated. > > I really wonder what OpenLDAP builds you're running?!? > > Personally I never saw an OpenLDAP server listening on 63515/udp. > > Maybe > - the analysis tool is broken > - the OpenLDAP server was seriously patched to do something strange nobody knows > - somebody hacked your server and added it to a botnet we mustn't forget the possibility of solar flares, and most recently, courtesy of cisco, cosmic radiation.
Attachment:
smime.p7s
Description: S/MIME cryptographic signature