Port 389/636 - LDAP

Lightweight Directory Access Protocol. This port is usually used for Directories. Directory here means more like a telephone-directory rather than a folder. The Ldap directory can be understood a bit like the Windows registry. A database-tree. Ldap is sometimes used to store user information. Ldap is used more often in corporate structure. Web Applications can use ldap for authentication. If that is the case it is possible to perform ldap-injections which are similar to sql injections. You can sometimes access the ldap using an anonymous login, or with other words no session. This can be useful because you might find some valuable data about users.

ldapsearch -h <ip> -p 389 -x -b "dc=mywebsite,dc=com"

When a client connects to the Ldap directory it can use it to query data, or add or remove.

Port 636 is used for SSL.

There are also metasploit modules for Windows 2000 SP4 and Windows Xp SP0/SP1