Different protocols control data transport and facilitate communication between network resources. Along with the data, each of these protocols carries important information about those resources. By manipulating the protocols, an external user can gain access to the network and potentially exploit its resources by enumerating that information. One such protocol, which exposes directory listings, is the Lightweight Directory Access Protocol (LDAP).
LDAP is an Internet protocol for accessing distributed directory services. A directory service may hold any organized set of records, often in a hierarchical, logical structure such as a corporate email directory. A client starts an LDAP session by connecting to a Directory System Agent (DSA) on TCP port 389 and then sends an operation request to the DSA. Information is exchanged between client and server using the Basic Encoding Rules (BER).
TOOLS
- Softerra LDAP Administrator (ldapadministrator.com)
- LDAP Admin Tool (ldapsoft.com)
- LDAP Account Manager (ldap-account-manager.org)
- JXplorer (jxplorer.org)
- Active Directory Explorer (AD Explorer)
COUNTERMEASURES
- By default, LDAP traffic is transmitted unencrypted; therefore, use Secure Sockets Layer (SSL) or STARTTLS to encrypt the traffic.
- Select a username different from the email address and enable account lockout.
- Restrict access to Active Directory by using software such as Citrix.
- Use NTLM or any basic authentication mechanism to limit access to legitimate users.
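The BER framing mentioned in the protocol description above, and the cleartext exposure that the first countermeasure addresses, as an added example that is not part of the original post: a small encoder and decoder for an LDAP simple BindRequest following the RFC 4511 message structure, plus a defender-side classifier that labels a bind seen on an unprotected port 389 session as anonymous, unauthenticated or carrying cleartext credentials. The function names, the `tls_protected` flag and the sample DN and password are assumptions constructed for this illustration.

```python
# Added example (not from the original page): hand-built BER encoding and
# decoding of an LDAP simple BindRequest, and a defender-side classifier
# for binds observed on TCP/389. Field layout follows RFC 4511; all sample
# values below are constructed for this illustration.


def ber_len(n: int) -> bytes:
    """Definite-form BER length: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag: int, value: bytes) -> bytes:
    """One BER tag-length-value element."""
    return bytes([tag]) + ber_len(len(value)) + value


def ber_int(n: int) -> bytes:
    """BER INTEGER (tag 0x02) in minimal two's-complement form."""
    size = max(1, (n.bit_length() + 8) // 8)
    return tlv(0x02, n.to_bytes(size, "big", signed=True))


def bind_request(message_id: int, name: str, password: str) -> bytes:
    """LDAPMessage { messageID, [APPLICATION 0] BindRequest { version 3,
    name, authentication simple [0] password } }."""
    body = ber_int(3) + tlv(0x04, name.encode()) + tlv(0x80, password.encode())
    return tlv(0x30, ber_int(message_id) + tlv(0x60, body))


def read_tlv(buf: bytes, pos: int = 0):
    """Parse one TLV at buf[pos]; return (tag, value, position after it)."""
    tag, pos = buf[pos], pos + 1
    length, pos = buf[pos], pos + 1
    if length & 0x80:                       # long-form length
        nbytes = length & 0x7F
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    if pos + length > len(buf):
        raise ValueError("truncated BER element")
    return tag, buf[pos:pos + length], pos + length


def parse_bind_request(msg: bytes) -> dict:
    """Decode a BindRequest back into its fields; rejects other operations."""
    tag, body, _ = read_tlv(msg)
    if tag != 0x30:
        raise ValueError("not an LDAPMessage SEQUENCE")
    _, mid, pos = read_tlv(body)
    op_tag, op, _ = read_tlv(body, pos)
    if op_tag != 0x60:
        raise ValueError("protocolOp is not a BindRequest")
    _, ver, pos = read_tlv(op)
    _, name, pos = read_tlv(op, pos)
    auth_tag, auth, _ = read_tlv(op, pos)
    simple = auth_tag == 0x80               # [0] simple vs [3] sasl
    return {
        "message_id": int.from_bytes(mid, "big", signed=True),
        "version": int.from_bytes(ver, "big", signed=True),
        "name": name.decode(),
        "auth": "simple" if simple else "sasl",
        "password": auth if simple else None,
    }


def classify_bind(parsed: dict, tls_protected: bool) -> str:
    """Verdict a monitor would attach to a bind seen on the wire.
    tls_protected is an assumed flag: True if the session was LDAPS/STARTTLS."""
    if parsed["auth"] != "simple":
        return "sasl"
    if not parsed["name"] and not parsed["password"]:
        return "anonymous-bind"
    if not parsed["password"]:
        return "unauthenticated-bind"       # name but empty password
    return "ok" if tls_protected else "cleartext-credentials"


if __name__ == "__main__":
    # Constructed sample: a simple bind as it would appear on plain TCP/389.
    wire = bind_request(7, "cn=admin,dc=example,dc=com", "s3cret")
    print(wire.hex())
    fields = parse_bind_request(wire)
    print(fields)
    print(classify_bind(fields, tls_protected=False))   # cleartext-credentials
```

The decoder is the part a detection engineer would reuse: run over the payload of a port-389 capture, it recovers the DN and, for a simple bind without STARTTLS, the password itself, which is exactly what the encryption countermeasure prevents.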