>> IV. WORKAROUNDS: >> >> Block TCP ports 389 and 3268 to your Active Directory >> server from untrusted sources. > > AD may also be listening on 636 for LDAP-over-SSL.
... and 3269 for Global Catalog over SSL. Regards, - Nicolas RUFF _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
