Research on Vulnerabilities of LDAP as an Authentication Service

Lightweight Directory Access Protocol (LDAP) servers are widely used to authenticate users in
enterprise level networks. Organizations such as universities and small to medium-sized businesses
use LDAP for a variety of applications including E-mail clients, SSH, and workstation authentication.
Since many organizations build dependencies on the LDAP service, a Denial-of-Service (DoS) attack
to the service can cause a greater number of services disrupted. This paper examines the danger in
the use of LDAP for user authentication by executing a DoS attack exploiting the TCP three-way
handshake required when initializing.

Author (s) Details

Charlie Obimbo
School of Computer Science, University of Guelph, Canada

Benjamin Ferriman
School of Computer Science, University of Guelph, Canada.

View Book :-