Blocking the Apple Filing Protocol (AFP) in the university network

The Apple file-sharing protocol is blocked at the interface between the university network and the Internet due to an acute security vulnerability. Outside users must use VPN to access such an Apple file share. Administrators of devices/servers with an AppleShare service are advised to update their systems or disable the service.


Since late December 2018, a vulnerability has become known in netatalk, a widely used server software for the Apple Filing Protocol (AFP) used on Unix servers, routers and NAS (WD, Synology) devices. In versions prior to 3.1.12, this software has a security vulnerability that does not even require valid credentials to be exploited (unauthenticated) and can be used to transfer affected systems to third parties. Due to this current security threat, we block incoming AFP connections.

Users accessing file shares from outside the university via AFP now have to switch to VPN.

On request, KIM can offer you other alternatives to file sharing.

Translated with www.DeepL.com/Translator

Post comment

×

Name is required!

Enter valid name

Valid email is required!

Comment is required!

Captcha Code Can't read the image? Click here to refresh

Captcha is required!

Code does not match!

Mit dem Absenden des Beitrages erkläre ich mich mit den Datenschutzbestimmungen der Universität Konstanz einverstanden. Die Datenschutzinformation ist im Seitenfuß verlinkt. Der eingegebene Name und der Text werden zusammen mit dem Kommentar auf der Webseite ausgegeben. Die E-Mail-Adresse ist nicht sichtbar.