Hardens LDAP directory services against attacks like credential collection, LDAP injection, anonymous binding, and channel binding bypass. Covers LDAPS enforcement, signing, ACLs, and monitoring.
npx claudepluginhub killvxk/cybersecurity-skills-zhThis skill uses the workspace's default tool permissions.
加固 LDAP 目录服务以防御常见攻击,包括凭据收集、LDAP 注入(LDAP Injection)、匿名绑定和通道绑定绕过。涵盖 LDAPS 强制执行、通道绑定、LDAP 签名、访问控制列表及 LDAP 攻击监控。
Harden LDAP directory services against attacks like credential harvesting, LDAP injection, anonymous binding, and channel binding bypass. Covers LDAPS enforcement, signing, ACLs, and monitoring.
Hardens LDAP services against credential harvesting, injection, anonymous binding, and channel binding bypass. Covers LDAPS enforcement, signing, ACLs, and monitoring for IAM security.
Configures Microsoft ESAE Active Directory tiered admin model with Tier 0/1/2 separation, PAW workstations, management forests, authentication silos, and credential theft mitigations. For securing enterprise identity environments.
Share bugs, ideas, or general feedback.
加固 LDAP 目录服务以防御常见攻击,包括凭据收集、LDAP 注入(LDAP Injection)、匿名绑定和通道绑定绕过。涵盖 LDAPS 强制执行、通道绑定、LDAP 签名、访问控制列表及 LDAP 攻击监控。
| 控制项 | NIST 800-53 | 描述 |
|---|---|---|
| 账户管理 | AC-2 | 生命周期管理 |
| 访问执行 | AC-3 | 基于策略的访问控制 |
| 最小权限 | AC-6 | 最小必要权限 |
| 审计日志 | AU-3 | 认证和访问事件 |
| 身份标识 | IA-2 | 用户和服务标识 |