The present invention relates to securing and protecting data and, more particularly, to methods and systems for securing and protecting data repositories and directories.
Owing to the central roles of the directory and directory service in any given organization, Active Directory is clearly the most sensitive centralized service/server in any organization today.
In real-world scenarios, malicious hackers, internal users with malicious intent or any other potentially malicious users can connect to Active Directory and extract useful information about the organization (in the Reconnaissance and Scanning phases), then use this information to carry out the next phases of their attack plan. For example, hackers can create an automated brute-force attack process based on the user list from the directory.
Additional threats to the directory include Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service and Elevation of Privileges, as well as Internal Threats from legitimate users (because every computer and every user in the network can access AD without any special permissions).
The following list summarizes a number of potential attacks on Directory Services:
- Legitimate users querying information
- Connection of illegitimate/malicious tools
- Legitimate users attempting to access the Directory from illegitimate computers or networks
- Attacking Distributed Component Object Model (DCOM) services
- Attacking Lightweight Directory Access Protocol (LDAP Injection)
- Schema manipulation
- Data manipulation of Objects
- Remote Desktop password cracking
- Remote procedure call (RPC) attacks
- Attaching debuggers to the Directory Processes from a remote/local connection
- Dumping password hashes
- Security Identifier (SID) spoofing and manipulation
- Denial of Service
- Distributed Denial of Services
- Attacks from trusted forest on the trusting forest by a malicious entity in the trusted forest
- Attacks on shared resources in a trusting forest by malicious users in a trusted forest
- Manipulation of Directory protocols data upon transmission
- Privilege elevation