IT Baseline Protection Manual - The Information Warfare Site

Threats Catalogue Deliberate Acts Remarks
____________________________________________________________________ .........................................
T 5.61 Misuse of remote access to management
functions on routers
Routers are equipped with remote access ports for management functions. All
administration, maintenance and signalling tasks can be performed via these
ports. Such ports are useful, and sometimes even indispensable, particularly in
large networks possessing several routers and LANs linked via long-range
lines.
There are two types of remote access:
- Modem access via dedicated interfaces (e.g. V.24)
- Direct access via reserved bandwidths
If SNMP (Simple Network Management Protocol) is used for network
management, a fundamental lack of security measures, or a failure to
implement existing measures, gives rise to threats over and above the direct
misuse of unprotected remote interfaces:
- An unauthorised user intercepts data packets from an SNMP management
station and modifies their parametrised values for his own purposes. The
manipulated data packets are then forwarded to their original, intended
destination. The receiving unit is not able to detect the manipulation of the
data, and handles the information in the packet as though it had been sent
directly from the management station.
- If the owner of a network management station gains access to a network
administered using SNMP, it is possible for the owner to impersonate a
community (an administrative area within SNMP). As a result, an
unauthorised user is able to feign an authorised identity, and read all the
information from the agents (objects to be managed in the network,
such as routers) as well as perform all management operations. In this
case, the agents are not able to distinguish between the correct and
incorrect identities.
____________________________________________________________________ .........................................
IT-Baseline Protection Manual: Oktober 2000