[SGVLUG] A question for the security gurus

BB Odenthal bb.odenthal at gmail.com
Wed Nov 7 17:29:27 PST 2007


I agree.  The nmap solution may only work where a user has some
knowledge of the networks they're connected to.

I have a couple of ideas off the top of my head.  Both of these assume
that DHCP is available.

Unfortunately there doesn't appear to be a DNS specification for LDAP
server names. But...if you happen to know the domain name of the
network that you're on

grep -E "domain|search" /etc/resolv.conf

then a few DNS queries for the obvious LDAP domain names may prove fruitful.

dig ldap
dig ldap.companyxyz.com
dig ldap01.companyxyz.com

Another possibility is to determine if DHCP option 95 (ldap-server) is
present.  Option 95 specifies the URL for an ldap-server.  Just grep
the dhclient lease database.  On Ubuntu it's
/var/lib/dhcp3/dhclient.adapter.leases (where adapter is the current
adapter you're using, i.e. eth0)

grep ldap-server /var/lib/dhcp3/dhclient.eth0.leases

-bb

On Nov 7, 2007 5:19 PM, Emerson, Tom (*IC) <Tom.Emerson at wbconsultant.com> wrote:
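The two lookups described above (domain/search names from resolv.conf, and DHCP option 95 from the dhclient lease file), as an added Python example that is not part of the original post. The sample resolv.conf and lease file contents are constructed; the quoted-string rendering of the ldap-server option and the hostname list are assumptions.

```python
import re

# Constructed sample inputs (not captured from a real host); layouts follow
# the resolv.conf and dhclient lease conventions referred to in the post.
SAMPLE_RESOLV_CONF = """# Generated by dhclient
nameserver 192.168.1.1
domain companyxyz.com
search companyxyz.com corp.companyxyz.com
"""

SAMPLE_LEASES = """lease {
  interface "eth0";
  option domain-name "companyxyz.com";
  option ldap-server "ldap://ldap01.companyxyz.com/";
}
lease {
  interface "eth0";
  option domain-name "companyxyz.com";
  option ldap-server "http://not-an-ldap-url.example/";
}
lease {
  interface "eth0";
  option domain-name "companyxyz.com";
  option ldap-server "ldaps://ldap02.companyxyz.com/";
}
"""


def resolv_domains(text):
    """Return the 'domain' and 'search' names, in file order, without duplicates."""
    names = []
    for line in text.splitlines():
        parts = line.split()
        if parts and parts[0] in ("domain", "search"):
            for name in parts[1:]:
                if name not in names:
                    names.append(name)
    return names


def ldap_candidates(domains, hosts=("ldap", "ldap01")):
    """Build the 'obvious' names to try with dig, e.g. ldap.companyxyz.com (hosts list is an assumption)."""
    return ["%s.%s" % (host, domain) for domain in domains for host in hosts]


def dhcp_ldap_servers(lease_text):
    """Extract option 95 (ldap-server) URLs from a dhclient lease database, newest lease first.

    dhclient appends leases, so the last entry is the current one.  The value is
    unauthenticated (anyone on the segment can answer DHCP), so only ldap:// or
    ldaps:// URLs are accepted and the server should still be verified before use."""
    urls = re.findall(r'option ldap-server "([^"]+)";', lease_text)
    return [u for u in reversed(urls) if u.startswith(("ldap://", "ldaps://"))]
```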
> The key word here is PROGRAMMATICALLY -- I want to incorporate this into
> a program such that I don't have to require configuration on the part of
> end users or network administrators (and, believe it or not, "all that,
> just to get the user's real name...")
>
> Running nmap, every time a user runs the program, would be a little
> disruptive in an organization the size of time/warner...
>
>
> > -----Original Message-----
> > From: sgvlug-bounces at sgvlug.net
> > [mailto:sgvlug-bounces at sgvlug.net] On Behalf Of Charles N Wyble
> > Sent: Wednesday, November 07, 2007 4:17 PM
> > To: SGVLUG Discussion List.
> > Subject: Re: [SGVLUG] A question for the security gurus
> >
> >
> >
> > Well I would run an NMAP scan for the default LDAP port
> > number and get the hostname based on that. :)
> >
> > Emerson, Tom (*IC) wrote:
> > > How does one go about determining the name of an LDAP server on an
> > > arbitrary network?  (programmatically, that is...)
> > >
> > > So far, all the examples I've found on the 'net make use of a
> > > hard-coded entry, along with the obligatory comment "replace
> > > 'LDAP://192.168.1.1/...' with the address of your actual
> > LDAP server"
> > >
> > >
> > >
> >
> > --
> > Charles N Wyble charles at thewybles.com (818) 280 7059
> > Website: http://www.thewybles.com/~charles
> > Blog: http://jackshck.livejournal.com
> >
> > President and CEO of Known Element Enterprises and affiliated
> > companies.
> > Website: http://www.knownelement.com
> > Blog: http://siliconvs.blogspot.com
> >
>