22 Sep 2011



LDAP servers are vulnerable to LDAP query injection and DNS hijacking may lead to your query landing on the attacker's server. Attacker can sniff your username/password through your LDAP connection. Hacker may sniff your confidential information through LDAP connection.

So, How to prevent this? You can use Net::LDAPS and LDAP over TLS.

To know more about various security threats on LDAP and how to overcome those, read the document at Net::LDAP::Security


  1. Using TLS is an excellent suggestion. Using secure transmission also has the following benefit: passwords can be transmitted in clear-text over a secure, encrypted connection which facilitates directory server performing password quality checks, this would not be possible with pre-encoded passwords.