IT Baseline Protection Manual - The Information Warfare Site

Threats Catalogue Deliberate Acts Remarks
____________________________________________________________________ .........................................
T 4.38 Failure of components of a network
management system or system management
system
It is possible for various components in a network management system or a
system management system to fail. Some of the problems that this causes are
described in the following section.
Failure of managed components
If components managed by a network management system or a system
management system fail while the system is in operation, then depending on
the type of management system, this can result in the management information
ceasing to be updated automatically. As a rule, for example in the case of
network management systems, the system administrator is only informed of
the failure of the component. If, for example, the failure of the component is
observed or deliberately caused by perpetrators, they can bring their own
computer into the system outside the LAN and pass it off as the failed
component (IP spoofing). This computer can be used for further perpetration
whereby it has the rights of an internal computer (such as entering false
management information).
Failure of monitoring components
If parts of a management system fail while the system is in operation (also
unnoticed), then the system components monitored or managed by these
components are no longer connected to the management system. New
instructions from the management then cease to be implemented on these
computers. The consequence of this is that inconsistent system configurations
arise, which can then cause security problems.
Unavailability of the central management station
If the central management station in a network managed by a management
system fails, the system can no longer be managed centrally. If the station is
unavailable for a long period of time, for example because the hardware
cannot be replaced at short notice due to missing maintenance contracts,
routine functions such as data backup may no longer be performed. If
uncoordinated manual alterations are made to the individually-managed
systems, this will lead to inconsistencies and maybe even security problems.
Failure of network switching elements during the transmission of
management information
When a management system is used to manage a computer network, it is
necessary to exchange so-called management information between the
individual components of the management system. The information is
transmitted via the local area network. Local area networks usually
(depending on the network technique used) consist of several subnetworks
which are linked together by network switching elements such as routers. In
the process, the network switching elements pass on data from one
subnetwork to another. If the switching elements fail, this corresponds to the
affected subnetworks being separated physically. It is then no longer possible
to exchange management information. Yet there is usually a subnetwork
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000