Network misconfigurations

AWS EC2 instance allows public ingress access on LDAP port 389

Risk Level

Hazardous (3)

Compliance Frameworks
  • Orca Best Practices


LDAP (Lightweight Directory Access Protocol) is used to connect to directory services for user authentication and retrieval. Allowing Inbound traffic from external IPv4 addresses to LDAP ports can lead to attacks like DoS, Brute Force, Smurf and reconnaissance. It is a best practice to restrict the inbound traffic from specific addresses.
  • Recommend icon

    Recommended Mitigation

    It is recommended to replace the source IP of the rule with a specific IP address or delete the rule.