Lightweight Directory Access Protocol (LDAP) servers are widely used to authenticate users in enterprise level networks. Organizations such as universities and small to medium-sized businesses use LDAP for a variety of applications including e-mail clients, SSH, and workstation authentication. Since many organizations build dependencies on the LDAP service, a Denial-of-Service (DoS) attack to the service can cause a greater number of services disrupted. This paper examines the danger in the use of LDAP for user authentication by executing a DoS attack exploiting the TCP three-way handshake required when initializing a connection to an LDAP server.
CITATION STYLE
Obimbo, C., & Ferriman, B. (2011). Vulnerabilities of LDAP As An Authentication Service. Journal of Information Security, 02(04), 151–157. https://doi.org/10.4236/jis.2011.24015
Mendeley helps you to discover research relevant for your work.