Journal of Information Security

Volume 2, Issue 4 (October 2011)

ISSN Print: 2153-1234   ISSN Online: 2153-1242

Google-based Impact Factor: 3.79  Citations  

Vulnerabilities of LDAP As An Authentication Service

HTML  Download Download as PDF (Size: 399KB)  PP. 151-157  
DOI: 10.4236/jis.2011.24015    11,085 Downloads   19,836 Views  Citations

Affiliation(s)

.

ABSTRACT

Lightweight Directory Access Protocol (LDAP) servers are widely used to authenticate users in enterprise level networks. Organizations such as universities and small to medium-sized businesses use LDAP for a variety of applications including e-mail clients, SSH, and workstation authentication. Since many organizations build dependencies on the LDAP service, a Denial-of-Service (DoS) attack to the service can cause a greater number of services disrupted. This paper examines the danger in the use of LDAP for user authentication by executing a DoS attack exploiting the TCP three-way handshake required when initializing a connection to an LDAP server.

Share and Cite:

C. Obimbo and B. Ferriman, "Vulnerabilities of LDAP As An Authentication Service," Journal of Information Security, Vol. 2 No. 4, 2011, pp. 151-157. doi: 10.4236/jis.2011.24015.

Cited by

[1] Deceptive directories and “vulnerable” logs: a honeypot study of the LDAP and log4j attack landscape
… EuroS&P Workshop on …, 2022
[2] АНАЛИЗ УЯЗВИМОСТЕЙ, ВОЗНИКАЮЩИХ ПРИ АУТЕНТИФИКАЦИИ ПОЛЬЗОВАТЕЛЕЙ С ИСПОЛЬЗОВАНИЕМ ACTIVE DIRECTORY
2020
[3] Systematic Literature Review on the LDAP Protocol As a Centralized Mechanism for the Authentication of Users in Multiple Systems
2018
[4] Integration von Unternehmens-Apps unter Verwendung einer Platform zur Steuerung des App-Lebenszyklus
2015
[5] Analysis of Denial of Services (DOS) Attacks and Prevention Techniques
International Journal of Engineering Research and Technology, 2015
[6] Authentication and Authorization in FELIX
2015 IEEE/ACM 8th International Conference on Utility and Cloud Computing (UCC), 2015
[7] Kerberos Active Directory for HP Thin Clients
International Journal of Emerging Technology and Advanced Engineering, 2014
[8] Securely Web-Based Application for Construction Material Testing
International Journal of Computer Applications, 2012

Journals Menu
Follow SCIRP
Contact us
+1 323-425-8868
customer@scirp.org
WhatsApp +86 18163351462(WhatsApp)
Click here to send a message to me 1655362766
Paper Publishing WeChat

Copyright © 2024 by authors and Scientific Research Publishing Inc.

Creative Commons License

This work and the related PDF file are licensed under a Creative Commons Attribution 4.0 International License.