[1]
|
J. M. Alonso, R. Bordon, M. Beltran and A. Guzman, “LDAP Injection Techniques,” in Communication Systems, 2008. ICCS 2008 11th, IEEE Singapore International Conference, pp. 980-986, 19-21 November 2008.
|
[2]
|
J. M. Alonso, R. Bordon, M. Beltran and A. Guzman, “LDAP Injection & Blind LDAP Injection,” Figure 1 in URJC, p. 4, 2008, ICCS 2008.
|
[3]
|
“RFC 4512: Light Directory Access Protocol (LDAP): Directory Information Models,” 2006.
http://tools.ietf. org/html/rfc4512
|
[4]
|
J. M. Alonso, R. Bordon, M. Beltran and A. Guzman, “LDAP Injection & Blind LDAP Injection,” URJC, 2008, ICCS 2008.
|
[5]
|
“OpenLDAP—Secure Computing Wiki,” 2010.
http://www.secure-computing.net/wiki/index.php/OpenLDAP
|
[6]
|
“RFC: 2830: Lightweight Directory Access Protocol (v3): Extension for Transport Layer Security,” 2000, http:// www.rfceditor.org/rfc/rfc2830.txt
|
[7]
|
“RFC 1487: X.500 Lightweight Directory Access Protocol,” 1993. http://www.faqs.org/rfcs/rfc1487.html
|
[8]
|
“RFC 2251: Lightweight Directory Access Protocol (v3),” 1997. http://www.faqs.org/rfcs/rfc2251.html
|
[9]
|
“RFC 4422: Simple Authentication and Security Layer (SASL),” 2006. http://tools.ietf.org/html/rfc4422
|
[10]
|
“Application Layer-Wikipedia, the Free Encyclopedia,” 2011. http://en.wikipedia.org/wiki/Application_Layer.
|
[11]
|
A. Everett, “Unauthenticated Authentication: Null Bytes and the Affect on Web-Based Applications which Use LDAP,” IT Information Security Office, Oklahoma State University, Stillwater, December 2006.
|
[12]
|
“Transport Layer-Wikipedia, the Free Encyclopedia,” 2011. http://en.wikipedia.org/wiki/Trans-port_Layer
|
[13]
|
S. Foley and W. Fitzgerald, “An Approach to Security Policy Configuration Using Semantic Threat Graphs,” Data and Applications Security XXIII, 2009. University College Cork Cork Constraint Computation Centre, Com- puter Science Department Ireland, Vol. 5645, pp. 33-48, 2009
|
[14]
|
“TCP 3 WAY HANDSHAKE: Educational Resources, Tips, Tricks, and More,” 2010.
http:// www.3wayhandshake.com/
|
[15]
|
“Raw Socket-Wikipedia, the Free Encyclopedia,” 2011 http://en.wikipedia.org/wiki/Raw_so-cket
|
[16]
|
W. Eddy, “Cisco—Defenses against TCP SYN Flooding Attacks,” 2006.
http://www.cisco.com/web/about/ac123/ac147/images/ipj/ipj_9-4/94_syn_fig2_lg.jpg
|
[17]
|
“OpenLDAP, Download,” 2011.
http:// www.openldap.org/software/download/
|
[18]
|
“MIT Kerberos Distribution Page,” 2010.
http://web.mit.edu/kerberos/dist/index.html
|
[19]
|
“SSLSTRIP,” 2009. http://tools.ietf. org/html/rfc4422
|
[20]
|
“Kerberos: The Network Authentication Protocol,” 2010. http://web.mit.edu/kerberos/what_is.
|