Portal de Periódicos da CAPES

Vulnerabilities of LDAP As An Authentication Service

2011; Scientific Research Publishing; Volume: 02; Issue: 04 Linguagem: Inglês

10.4236/jis.2011.24015

2153-1242

Charlie Obimbo, Benjamin Ferriman,

IPv6, Mobility, Handover, Networks, Security

Lightweight Directory Access Protocol (LDAP) servers are widely used to authenticate users in enterprise level networks. Organizations such as universities and small to medium-sized businesses use LDAP for a variety of applications including e-mail clients, SSH, and workstation authentication. Since many organizations build dependencies on the LDAP service, a Denial-of-Service (DoS) attack to the service can cause a greater number of services disrupted. This paper examines the danger in the use of LDAP for user authentication by executing a DoS attack exploiting the TCP three-way handshake required when initializing a connection to an LDAP server.