Internet Accessible Open LDAP (TCP) Service.
Description
The Lightweight Directory Access Protocol (LDAP) is a lightweight client-server protocol that runs over TCP/IP or other connection oriented transfer services. It is used for accessing and maintaining directory information services. The core functionality of LDAP lies in the interaction between the client and the LDAP server. When a client makes a request to the LDAP server, the request is sent to the LDAP server; the server processes the entire transaction and then sends the results of the transaction back to the client. This is different from other protocols where the server and the client may communicate several times during the course of one transaction.
LDAP (TCP) listens on port 389/TCP. - (Default Port for Unencrypted LDAP Communication).
LDAPS (TCP) (LDAP over SSL or Secure LDAP) listens on port 636/TCP. - (Default Port for Encrypted LDAPS Communication).
Background Information
Printed directories are important information tools. Directories provide names, addresses, people's affiliations, organisations, or institutions. A Telephone directory contains a alphabetical list of individuals (customers) and businesses along with their telephone numbers and addresses that reside in or are registered in a Geographic Telecommunications Numbering Area associated with a particular area code.
The purpose of electronic directories is similar to printed directories, that is to provide names, locations and other information about people and organisations.
In a Local Area Network (LAN) or a Wide Area Network (WAN), this directory information may be used for user authentication (e.g., logins and passwords), or network security (e.g., user-access rights). A directory may also contain information on the physical devices on a network (e.g., personal computers, servers, printers, and routers) and the services available on a specific device (such as the operating systems, applications, file systems, print queues). This information may be accessible to computer applications as well as being readable for end users. Microsoft Active Directory is a directory server that stores user information such as usernames, phone numbers, and email addresses. The protocol LDAP allows a Microsoft Windows client to access, read and modify the information contained in the Active Directory.
Problem
All data, including sensitive data, such as user login credentials are transmitted in plain text over LDAP (TCP). These data transmissions are vulnerable to eavesdropping, the data can be intercepted by a packet sniffer, and the data contained within the individual LDAP (TCP) packets read.
If malicious actors are able to intercept all of the data being sent between a LDAP client and its server, they can see and use that information.
An Internet Accessible Open LDAP (TCP) connection can be exploited by malicious actors to perform reconnaissance or recon, the process of investigating and identifying weak spots in an organization’s network. Mapping an organisation’s attack surface and analyzing the domain for critical data, misconfigurations or system vulnerabilities, helping them to plan their attack and establish a foothold that eventually leads to compromise.
On successfully binding to a LDAP Server, malicious actors can, launch a Brute Force or Credential Stuffing attack using the automated injection of stolen username and password pairs in order to gain unauthorized access to user accounts. Using automation tools, large numbers of compromised credentials are automatically entered into an application until success is achieved. Once an account takeover is achieved, account data can be stolen, fraudulent transaction initiated, or the account can be used for other criminal activities. An important enabler for credential stuffing is the tendency of users to reuse passwords across more than one application.
Recommendations
LDAPS
LDAPS uses TLS (Transport Layer Security) or SSL (Secure Sockets Layer) to encrypt data transmitted over LDAPS (TCP) thereby safeguarding the data from credential theft and makes packet sniffing harder to perform.
Transport Layer Security (TLS)
Transport Layer Security (TLS) evolved from Secure Socket Layers (SSL), a standard security technology for establishing an encrypted link between a server and a client, typically a web server (website) and a web browser, which had originally being developed by the Netscape Communications Corporation in 1994. SSL version 1 (SSL 1.0) was never publicly released, whilst SSL version 2 (SSL 2.0) was quickly replaced by SSL version 3 (SSL 3.0) on which TLS is based. The Internet Engineering Task Force (IETF) proposed the first TLS protocol, TLSv1.0 in 1999. the highest protocol version available today is TLSv1.3.
The TLS protocol has three primary functions:
| No. | Function | Description |
|---|---|---|
| 1. | Encryption. | The primary function of the Transport Layer Security (TLS) or the Secure Sockets Layer (SSL) is to encrypt data. All data transmitted over TLS is encrypted, thereby safeguarding the data from credential theft and makes packet sniffing harder to perform. |
| 2. | Authentication. | TLS ensures that all parties involved in the transaction are who they claim to be. For example, in the case of internet browsing, it confirms the authenticity of a website or web server for a browser. |
| 3. | Integrity. | TLS verifies that data hasn’t been forged or tampered with by third parties and that all information reaches its destination as intended. |
TLS/SSL Handshake
During the TLS/SSL Handshake, three (3) keys are used to set up the TLS/SSL connection, the public, private, and session keys. Anything encrypted with the public key can only be decrypted with the private key, and vice versa. During the TLS/SSL Handshake, the public and private keys are used to create a symmetric session key. After the secure connection is made, the session key is used to encrypt all transmitted data.
| No. | TLS Version. | TLS Version Details. | Status. |
|---|---|---|---|
| 1. | TLS Version 1.0. | The Internet Engineering Task Force (IETF) published TLS Version 1.0 in 1999. This version was based upon SSL 3.0, It supports old and deprecated algorithms. | Deprecated. |
| 2. | TLS Version 1.1. | The Internet Engineering Task Force (IETF) published TLS Version 1.1 in April 2006. This version supports authenticated encryption ciphers, It can only use deprecated and insecure algorithms like MD5 and SHA-1. | Deprecated. |
| 3. | TLS Version 1.2. | The Internet Engineering Task Force (IETF) published TLS Version 1.2 in 2008. This version uses more secure algorithms like SHA-256, the server is enabled to ultimate select the cipher from among those supported by both parties. It supports authenticated encryption with extra data modes and allows the utilization of advanced cipher suites. Its full handshake has two round trips of communication. | In use. |
| 4. | TLS Vrsion 1.3. | The Internet Engineering Task Force (IETF) published TLS Version 1.3 in August 2018. This is now the most recent and secure TLS protocol version. TLS Version 1.3 enables Perfect Forward Secrecy (PFS), which constantly generates new, temporary keys for each communication session. This "ephemeral key" approach ensures that even if a single key is compromised in the future, only the data from that specific session is vulnerable, significantly limiting data exposure. Unlike older encryption methods where one key unlocks all past and future sessions, PFS prevents attackers from decrypting past conversations or future communications, even if they obtain a single key. TLS Version 1.3 uses only simple and stronger cipher suites that have no vulnerabilities. The Ephemeral Diffie-Hellman key exchange which supports PFS replaces the RSA key exchange process. TLS Version 1.3 combines the initial handshake and the negotiation of cryptographic parameters into one round trip improving the latency times resulting in a faster handshake. It also uses a smaller set of simplified cipher suites however it always requires digital signatures. | In use. |
Note - Microsoft Corporation
On the 01st Aug 2023, the Microsoft Corporation announced that TLS Version 1.0 and TLS Version 1.1 will be disabled by default in future versions of the Windows operating system, commencing with Windows 11 and in their range of Microsoft 365 products, due to security issues. The Microsoft Corporation will support TLS Version 1.2 and the higher protocol versions (TLS Version 1.3) going forward.
Components of the TLS/SSL Cipher Suite
Cipher suites are sets of instructions that enable secure network connections through Transport Layer Security (TLS). A cipher suite comprise of several ciphers that work together, each having a different cryptographic function, such as key generation and authentication.
Examples of Cipher Suites - Short Name Format
TLS ECDHE RSA WITH AES 256 GCM SHA384
TLS AES 256 GCM SHA384
| No. | Abbreviation | Description |
|---|---|---|
| 1. | TLS. | The Transport Layer Security (TLS) is used to encrypt the communication between web applications and servers, such as web browsers accessing a website. |
| 2. | ECDHE. | The Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) is a key agreement protocol that allows two parties, each having an elliptic-curve public–private key pair, to establish a shared secret over an insecure channel. |
| 3. | RSA. | The Rivest Shamir Adleman algorithm (RSA) is an asymmetric cryptography algorithm. Asymmetric means that it works on two different keys i.e. Public Key and Private Key that are mathematically linked to encrypt and decrypt data. Anything encrypted with the public key can only be decrypted with the private key, and vice versa. Because encrypting and decrypting with private and public key takes a lot of processing power, they are only used during the TLS/SSL Handshake to create a symmetric session key. |
| 4. | AES_256_GCM. | The Advanced Encryption Standard (AES) with 256 Bit Key in Galois/Counter mode (AES_256_GCM). AES is a symmetric encryption algorithm and a block cipher. A symmetric encryption algorithm use the same key to encrypt and decrypt data. As a block cipher, AES splits a message into smaller blocks and encrypts those blocks to convert the plaintext message into an unintelligible form called ciphertext. |
| 5. | SHA384. | SHA384 is a one way Secure Hash Algorithm (SHA) which can take a message of any length and transform it into a fixed-length output of 384 bits with a unique hash value. The SHA384 algorithm uses a series of operations to process the input data: Padding: The input message is padded with bits to ensure that the message is a multiple of 1024 bits. Message Schedule Calculation: The input message is divided into 1024-bit blocks, and the blocks are further divided into 80 64-bit words. Compression Function: The compression function takes a 1024-bit block of the input message and updates the intermediate hash value. Used in TLS/SSL cryptography to verify the integrity of data and ensure that it has not been tampered with. |
Note
The Internet Assigned Numbers Authority (IANA), OpenSSL and GnuTLS use different names for the same ciphers suites.
Additional Information included in CSIRT-IE Reports on Open LDAP (TCP) Reports.
| No. | Action | Description |
|---|---|---|
| 1. | Handshake. | The highest SSL handshake that could be negotiated (TLSv1.2, TLSv1.1, TLSv1.0, SSLv3). |
| 2. | Cipher Suite. | The highest CipherSuite that was able to be negotiated. |
| 3. | Certificate Issue Date. | Date when the SSL certificate became valid. |
| 4. | Certificate Expiration Date. | Date when the SSL certificate expires. |