Home page logo
/

basics logo Security Basics mailing list archives

Risks associated to LDAP
From: Rodrigo Blanco <rodrigo.blanco.r () gmail com>
Date: Wed, 15 Feb 2006 21:19:50 +0100

Hello list,

I would like to know what risks can be associated to a corporate LDAP
deployment, from the security points of view:

- Confidentiality
- Integrity
- Availability
- Authentication

At first glance, I can think of:

- users / organizations enumeration (and if this is compromised,
password / bruteforce attacks against the LDAP auth. from the obtained
usernames),
- DoS / exploits against the LDAP service
- eavesdropping on non-encrypted messages
- replication spoofing,
- brute force bind attempts,

but I am sure there must be more issues. Also, I have been searching
for secure architecture reccomendations / checklists (such as NIST's),
but found no pointers to authorized sources... Any links will also be
more than welcome.

Thanks in advance and best regards,
Rodrigo.

---------------------------------------------------------------------------
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The Norwich University program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Tailor your education to your own professional goals with degree
customizations including Emergency Management, Business Continuity Planning,
Computer Emergency Response Teams, and Digital Investigations.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
  • Risks associated to LDAP Rodrigo Blanco (Feb 17)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault