[Freeipa-users] freeipa unsecured ports & MITM
Master P.
junkmafia89 at gmail.com
Tue Mar 29 14:51:04 UTC 2016
Hello,
I am using FreeIPA on the cloud and am worried about MITM attacks. I'm
assuming all network traffic can be easily read and possibly manipulated by
an attacker.
When following
https://docs.fedoraproject.org/en-US/Fedora/15/html/FreeIPA_Guide/installing-ipa.html,
some of the listed ports for FreeIPA (80 and 389) are unencrypted ports.
Should this be a concern or does FreeIPA only use those ports to send
non-sensitive information. If I disable just the unencrypted ports on my
clients will everything still work?
I don't understand Kerberos much so the same question applies to its ports
as well (88 and 464).
I am also using FreeIPA for DNS but it looks like DNSSEC is not enabled by
default, does this mean an attacker hijacking the DNS connections can get
into my system?
Thanks,
Alex
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20160329/8529a874/attachment.htm>
More information about the Freeipa-users
mailing list