I work for a small service provider and we are getting hit almost nightly by DDOS attacks to customers primary on UDP port 389 using LDAP protocol. Is it safe to set up filtering on edge routers to filter out traffic to udp 389 without breaking anything on customer ends? Our ISP says they can create a ACL for this in our providers router to filter this out. Is there any legitimate reason why customers would need to use this port over the internet?
No comments:
Post a Comment