Journal of Information Security (JIS), Vol. 2 No. 4, October 2011
Vulnerabilities of LDAP As An Authentication Service
Abstract: Lightweight Directory Access Protocol (LDAP) servers are widely used to authenticate users on enterprise-level networks. Organizations such as universities and small to medium-sized businesses use LDAP for a variety of applications, including e-mail clients, SSH, and workstation authentication. Because many services in such organizations depend on the LDAP service, a Denial-of-Service (DoS) attack against it disrupts every service that relies on it. This paper examines the danger of using LDAP for user authentication by executing a DoS attack that exploits the TCP three-way handshake required to initialize a connection to an LDAP server.
Cite this paper: C. Obimbo and B. Ferriman, "Vulnerabilities of LDAP As An Authentication Service," Journal of Information Security, Vol. 2 No. 4, 2011, pp. 151-157. doi: 10.4236/jis.2011.24015.
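The handshake-based DoS the abstract describes leaves a tell-tale pile of half-open sockets (state SYN-RECV) on the directory server: the attacker sends SYNs, the server answers SYN-ACK and reserves backlog state, and the final ACK never arrives. The following detector is an added example and not code from the paper. It parses the output format of Linux `ss -tan`, counts half-open connections on the LDAP listener ports (389 for LDAP/StartTLS, 636 for LDAPS), and reports whether the pattern looks like a flood; it also checks whether the usual kernel mitigation, SYN cookies, is enabled. The sample `ss` lines, the 64-socket threshold and the "distributed sources" heuristic are assumptions chosen for illustration.

```python
"""Half-open (SYN-flood) detector for an LDAP listener (added example)."""
from collections import Counter

LDAP_PORTS = {389, 636}  # LDAP (plain and StartTLS) and LDAPS

# Constructed sample of `ss -tan` output: one established LDAP bind, some
# unrelated SSH traffic, and a burst of SYN-RECV sockets from many peers.
SAMPLE_SS_OUTPUT = """\
State     Recv-Q Send-Q Local Address:Port    Peer Address:Port
LISTEN    0      128    0.0.0.0:389           0.0.0.0:*
LISTEN    0      128    0.0.0.0:636           0.0.0.0:*
ESTAB     0      0      192.0.2.10:389        198.51.100.7:51234
ESTAB     0      0      192.0.2.10:22         198.51.100.9:40002
SYN-RECV  0      0      192.0.2.10:22         198.51.100.9:40003
SYN-RECV  0      0      192.0.2.10:389        203.0.113.4:1025
SYN-RECV  0      0      192.0.2.10:389        203.0.113.5:1025
SYN-RECV  0      0      192.0.2.10:389        203.0.113.6:1025
SYN-RECV  0      0      192.0.2.10:389        203.0.113.7:1025
SYN-RECV  0      0      192.0.2.10:389        203.0.113.8:1025
SYN-RECV  0      0      192.0.2.10:389        203.0.113.9:1025
SYN-RECV  0      0      192.0.2.10:636        203.0.113.10:1025
SYN-RECV  0      0      192.0.2.10:636        203.0.113.4:1026
"""


def parse_ss(text):
    """Yield (state, local_port, peer_ip) for each socket line of `ss -tan` output."""
    for line in text.splitlines():
        parts = line.split()
        # The header line splits into more than five tokens; skip it and blanks.
        if len(parts) < 5 or parts[0] == "State":
            continue
        state, local, peer = parts[0], parts[3], parts[4]
        try:
            local_port = int(local.rsplit(":", 1)[1])
        except ValueError:
            continue  # wildcard port "*" on a LISTEN line; not a connection
        peer_ip = peer.rsplit(":", 1)[0]
        yield state, local_port, peer_ip


def half_open_ldap(text):
    """Count SYN-RECV sockets on LDAP ports, keyed by local port and by peer IP."""
    by_port, by_source = Counter(), Counter()
    for state, port, peer_ip in parse_ss(text):
        if state == "SYN-RECV" and port in LDAP_PORTS:
            by_port[port] += 1
            by_source[peer_ip] += 1
    return by_port, by_source


def assess(text, threshold=64):
    """Return a verdict on the snapshot.

    `threshold` (assumed value; tune to the listener backlog of your OS) is the
    number of half-open LDAP sockets at which the accept queue is at risk.
    """
    by_port, by_source = half_open_ldap(text)
    total = sum(by_port.values())
    unique = len(by_source)
    return {
        "half_open": total,
        "by_port": dict(by_port),
        "unique_sources": unique,
        "top_sources": by_source.most_common(3),
        "flooding": total >= threshold,
        # Heuristic: a flood from spoofed addresses shows as many peers holding
        # about one half-open socket each, whereas a single stuck client does not.
        "distributed": total > 0 and unique * 2 >= total,
    }


def syncookies_enabled(sysctl_output):
    """Parse `sysctl net.ipv4.tcp_syncookies` output; True when the value is 1 or 2."""
    for line in sysctl_output.splitlines():
        key, sep, value = line.partition("=")
        if sep and key.strip() == "net.ipv4.tcp_syncookies":
            return value.strip() in ("1", "2")
    return False


if __name__ == "__main__":
    # On a live host, feed the real output instead:
    #   ss -tan | python3 this_script.py   (reading sys.stdin.read())
    verdict = assess(SAMPLE_SS_OUTPUT, threshold=5)
    for key, value in verdict.items():
        print(f"{key}: {value}")
    print("syncookies:", syncookies_enabled("net.ipv4.tcp_syncookies = 1\n"))
```

The snapshot is a point-in-time view, so run it on a short interval (or from a monitoring agent) and alert on the trend, not on a single sample; a server that legitimately serves thousands of binds per second will show a handful of SYN-RECV entries at any moment. If `syncookies_enabled` reports False on a Linux directory server, enabling it (and enlarging the listen backlog) is the first mitigation to apply, since cookies let the kernel complete the handshake without reserving per-SYN state.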