I keep getting people trying to hack my LDAP and Open Directory on the server. A nice firewall comes with 10.4 Server, but I can’t seem to block out access to Kerberos authentication. People are setting up dictionary attacks attempting to log in as “diradmin” and it brings my server to a crawl and eventually to a halt. I’ve attempted to turn off all the ports via Server Admin, but it doesn’t appear to work. The only thing that has worked has been adding a manual rule policy.

I’ve got a new machine built to run Smoothwall that I will be installing soon so I can alleviate this as well as provide some network redundancy. It’s a great open source Linux-based firewall solution that takes older hardware and makes a firewall appliance out of it, including QoS, real-time bandwidth monitoring, SNORT, etc.
