Hi All,

Thanks for all the replies, I have been in vacation and am just back.

The OpenLDAP server is not seriously patched and the port is really strange. I will look back at the analysis once again and update.

On Sat, Oct 1, 2016 at 11:20 PM, Dieter Klünter <dieter@dkluenter.de> wrote:
Am Fri, 30 Sep 2016 12:55:47 +0200
schrieb Michael Ströder <michael@stroeder.com>:

> Sreekanth Sukumaran wrote:
> >
> > Sorry, I missed to add subject in the last mail. Resending with
> > subject. sorry about spamming the group
> >
> > Hi All,
> >
> > OpenLDAP version : 2.4.39 on windows
> > Tool used : Microsoft Attack surface analyzer
> >
> > We have been doing attack surface analysis on OpenLDAP server, and
> > we have found that there is an UDP port 63515 associated with
> > OpenLDAP server. (state shows "Unknown", not listening or
> > established)
> >
> > Inline image 1
> >
> > We have not connected any clients to OpenLDAP server, so we cannot
> > think of it as an ephemeral port at server end as well.
> >
> > Has anyone an idea on what this port could be for. Inputs are much
> > appreciated.
>
> I really wonder what OpenLDAP builds you're running?!?
>
> Personally I never saw an OpenLDAP server listening on 63515/udp.

Probabely Samba with CLDAP and a strange port?

-Dieter

--
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:DA147B05
53°37'09,95"N
10°08'02,42"E




--
Regards,
Sreekanth
09036794524