Port 636: LDAPS

Open LDAPS port detected on a publicly accessible host.

Severity: Warning | Port: 636

What is LDAPS?

LDAPS is the encrypted version of LDAP (Lightweight Directory Access Protocol). It wraps LDAP communication inside a TLS connection on port 636, protecting the data in transit. Like LDAP, it is used to query directory services such as Active Directory for user accounts, groups, and organizational data.

Why this is a problem

While LDAPS encrypts the connection (unlike plain LDAP on port 389), exposing a directory service to the internet is still risky. Attackers can attempt to authenticate against the directory, enumerate users if anonymous binds are allowed, or exploit vulnerabilities in the LDAP server software. Directory services contain sensitive organizational data and should not be publicly reachable.

What you should do

  • Review whether public exposure is intentional — directory services should typically only be accessible from internal networks
  • If remote access is required, place the service behind a VPN
  • Ensure anonymous binds are disabled
  • Keep the directory server software up to date
