Blocking the Apple Filing Protocol (AFP) in the university network
The Apple file-sharing protocol is blocked at the interface between the university network and the Internet due to an acute security vulnerability. Outside users must use VPN to access such an Apple file share. Administrators of devices/servers with an AppleShare service are advised to update their systems or disable the service.
Since late December 2018, a vulnerability has become known in netatalk, a widely used server software for the Apple Filing Protocol (AFP) used on Unix servers, routers and NAS (WD, Synology) devices. In versions prior to 3.1.12, this software has a security vulnerability that does not even require valid credentials to be exploited (unauthenticated) and can be used to transfer affected systems to third parties. Due to this current security threat, we block incoming AFP connections.
Users accessing file shares from outside the university via AFP now have to switch to VPN.
On request, KIM can offer you other alternatives to file sharing.
Translated with www.DeepL.com/Translator