Author(s)

Charlie Obimbo, Benjamin Ferriman

.

Lightweight Directory Access Protocol (LDAP) servers are widely used to authenticate users in enterprise level networks. Organizations such as universities and small to medium-sized businesses use LDAP for a variety of applications including e-mail clients, SSH, and workstation authentication. Since many organizations build dependencies on the LDAP service, a Denial-of-Service (DoS) attack to the service can cause a greater number of services disrupted. This paper examines the danger in the use of LDAP for user authentication by executing a DoS attack exploiting the TCP three-way handshake required when initializing a connection to an LDAP server.

LDAP, SYN Flooding, Denial-of-Service, Authentication Service

C. Obimbo and B. Ferriman, "Vulnerabilities of LDAP As An Authentication Service," Journal of Information Security, Vol. 2 No. 4, 2011, pp. 151-157. doi: 10.4236/jis.2011.24015.