Hi Kevin/List,
Thanks for the response.
I had identical thoughts, but wouldn't anonymous binding to a Coporate tree
give a view of the hierarchy of the Company? So I guess enabling SSL and
building a strong ACL set would fortify the service.
Thanks,
Vishwanath
"Kevin Blanchard" <[EMAIL PROTECTED]> wrote in message
[EMAIL PROTECTED]">news:[EMAIL PROTECTED]...
> The best step is to secure the server running the LDAP. The LDAP itself
does not
> really have many threats if you set up the ACL properly. Most LDAPs are
made to
> be widely accessible to the outside world.
>
> Kevin
>
> Vishwanath Nair wrote:
>
> > Hi List,
> >
> > Forgive my naivete, but I would like to know of the different threats on
a
> > LDAP directoy and
> > ways to guard against them (in a general LDAP directory and iPlanet
> > Directory
> > in specific) . Its been mentioned that one of the steps to be taken
would be
> > to 'turn-off' anonymous binding. What are the other such steps that
could be
> > taken to make the Directory more secure?
> >
> > If there's any document floating around on the Net on this,could someone
> > point me to it?
> >
> > Thanks,
> > Vishwanath
>
> --
> Kevin Blanchard Operational Research Consultants, Inc.
> [EMAIL PROTECTED] 1625 Prince Street, Suite 250
> Phone: (703) 535-5344 Alexandria, Virginia 22314
> FAX: (703) 535-5335 www.orc.com
>
>
