No announcement yet.

Enumeration - LDAP & Directory Services

  • Time
  • Show
Clear All
new posts

  • Enumeration - LDAP & Directory Services

    The Lightweight Directory Access Protocol (LDAP) is used to interact with and organize databases. LDAP is widely used due to the fact that is an open standard that is used by a number of vendors in their own products. In many cases much like Microsoft Active Directory. A directory is a database but the data is organized in a hierarchical or logical manner. One way of visualizing it is by thinking of the organization of data as files and folders.

    Directory Services that make use of LDAP include the following
    • Active Directory
    • Novell eDirectory
    • OpenLDAP
    • Open Directory
    • Oracle iPlanet

    In some cases the queries performed through LDAP can disclose sensitive data that can be leveraged by an attacker. Many Directory Services offer some sort of protection in the form of encryption or by other means. Some of these options are enabled by default but some have to be enabled by an administrator.
    Certified Security Geek