Answer the question
In order to leave comments, you need to log in
Access to Active Directory via LDAP by intruders - what is the threat?
We deploy the Bitrix corporate portal (box) in the company. We want to integrate it with Active Directory in order to synchronize employee accounts. To do this, you will have to open access to the domain controller on the 3268th port and register in Bitrix the login / password of the account included in the "Domain Users" group. The question is: what threatens a domain controller with hacking Bitrix? What are the attacks on the domain controller through LDAP?
Configuration: Windows Server 2012 R2
Answer the question
In order to leave comments, you need to log in
TS,
use LDAPS for AD&B24 communication.
Release B24 itself into the world only through the necessary ports, and even better through a reverse proxy!
Well, firstly, they get a list of all objects:
* servers with their roles
* users with their logins
Next, the approach will be individual, there will probably be a user with the password "qweasd123" - well, there are further tactical steps - an attack on Exchange if there is, RDP if it is published and so on and so forth.
Well, it depends on the integration scheme. If you copy information to Bitrix (this is how I understand the word "synchronization"), then when hacking Bitrix, you can steal everything that is copied there.
In addition, it is theoretically possible to open Bitrix and plant your own program there, which will intercept the user's login - then it will also be possible to steal the passwords of those who log in.
To begin with, it would be necessary to make Bitix available only in the local network, but not outside. And if you need outside - then through the VPN.
In general, it is strange to deploy a system that can be easily hacked.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question