Internet Security Scare
Potentially one of the largest Internet security holes was discoved today by a group of computer scientists in Finland.
The Oulu University Secure Programming Group has found a hole in Simple Network Management Protocol (SNMP) through which hackers can launch denial-of-service attacks.
The CERT Coordination Center, a security research center at Carnegie Mellon University in the United States, issued an advisory on the security hole at 3:20 PM today. According to the CERT Alert, this security hole is likely to affect a large amount of the networking gear in use. Most vendors were already scrambling to provide customers with software patches as we write. Cisco Systems Inc. (Nasdaq: CSCO) has also issued its own security alert, saying the loophole could affect most of Cisco's switching and routing product families.
The CERT alert states that numerous vulnerabilities have been reported in multiple vendors' SNMP implementations. Specifically, these vulnerabilities could allow unauthorized privileged access or denial-of-service attacks (which occur when networking devices are flooded with millions of incoming packets), or cause unstable behavior.
SNMP is a widely deployed protocol that is commonly used to monitor and manage network devices. Version 1 of the protocol (SNMPv1) defines several types of SNMP messages that are used to request information or configuration changes, respond to requests, enumerate SNMP objects, and send unsolicited alerts, according to CERT.
Some experts believe that these vulnerabilities could cause serious problems. Greg Shipley, chief technology officer at security firm Neohapsis, says there is no way to know how much damage could be caused through these security loop holes, but he says they must be taken seriously.
"The implications are substantial, simply because of the number of products that this affects," he says. "The other thing is you in a complex situation like this the first hole is usually just the tip of the iceberg."
CERT/CC recommends that service providers disable SNMP and turn on several different filtering mechanisms on products for additional protection, until the problem can be resolved.
According to an unconfirmed report, WorldCom Inc.'s (Nasdaq: WCOM) UUNet, one of the largest Internet service providers in the world, has alredy seen interruptions in its backbone network, though it's unclear whether this is related to the SNMP security hole.
Products from most of the major networking companies are listed in the advisory as being affected. These include gear from 3Com Corp. (Nasdaq: COMS), Cisco, Enterasys Networks Inc. (NYSE: ETS), Hewlett-Packard Co. (NYSE: HWP), Juniper Networks Inc. (Nasdaq: JNPR), Lucent Technologies Inc. (NYSE: LU), Marconi PLC (Nasdaq/London: MONI), Nortel Networks Corp. (NYSE/Toronto: NT), and Redback Networks Inc. (Nasdaq: RBAK), to name a few.
We'll provide more information as it becomes available.
--R. Scott Raynovich, US Editor, and Marguerite Reardon, Senior Editor, Light Reading
http://www.lightreading.com
The Oulu University Secure Programming Group has found a hole in Simple Network Management Protocol (SNMP) through which hackers can launch denial-of-service attacks.
The CERT Coordination Center, a security research center at Carnegie Mellon University in the United States, issued an advisory on the security hole at 3:20 PM today. According to the CERT Alert, this security hole is likely to affect a large amount of the networking gear in use. Most vendors were already scrambling to provide customers with software patches as we write. Cisco Systems Inc. (Nasdaq: CSCO) has also issued its own security alert, saying the loophole could affect most of Cisco's switching and routing product families.
The CERT alert states that numerous vulnerabilities have been reported in multiple vendors' SNMP implementations. Specifically, these vulnerabilities could allow unauthorized privileged access or denial-of-service attacks (which occur when networking devices are flooded with millions of incoming packets), or cause unstable behavior.
SNMP is a widely deployed protocol that is commonly used to monitor and manage network devices. Version 1 of the protocol (SNMPv1) defines several types of SNMP messages that are used to request information or configuration changes, respond to requests, enumerate SNMP objects, and send unsolicited alerts, according to CERT.
Some experts believe that these vulnerabilities could cause serious problems. Greg Shipley, chief technology officer at security firm Neohapsis, says there is no way to know how much damage could be caused through these security loop holes, but he says they must be taken seriously.
"The implications are substantial, simply because of the number of products that this affects," he says. "The other thing is you in a complex situation like this the first hole is usually just the tip of the iceberg."
CERT/CC recommends that service providers disable SNMP and turn on several different filtering mechanisms on products for additional protection, until the problem can be resolved.
According to an unconfirmed report, WorldCom Inc.'s (Nasdaq: WCOM) UUNet, one of the largest Internet service providers in the world, has alredy seen interruptions in its backbone network, though it's unclear whether this is related to the SNMP security hole.
Products from most of the major networking companies are listed in the advisory as being affected. These include gear from 3Com Corp. (Nasdaq: COMS), Cisco, Enterasys Networks Inc. (NYSE: ETS), Hewlett-Packard Co. (NYSE: HWP), Juniper Networks Inc. (Nasdaq: JNPR), Lucent Technologies Inc. (NYSE: LU), Marconi PLC (Nasdaq/London: MONI), Nortel Networks Corp. (NYSE/Toronto: NT), and Redback Networks Inc. (Nasdaq: RBAK), to name a few.
We'll provide more information as it becomes available.
--R. Scott Raynovich, US Editor, and Marguerite Reardon, Senior Editor, Light Reading
http://www.lightreading.com
EDUCATIONAL RESOURCES
FEATURED VIDEO
UPCOMING LIVE EVENTS
June 6-8, 2023, Digital Symposium
June 21, 2023, Digital Symposium
December 6-7, 2023, New York City
UPCOMING WEBINARS
June 14, 2023
How do We Capture the 6G Experience?
June 14, 2023
The Power of Wholesale Order Automation: How New Advancements in Intercarrier Commerce Can Transform Your Business.
June 20, 2023
5G standalone for breakout growth and efficiency
June 21, 2023
Cable Next-Gen Europe Digital Symposium
June 22, 2023
Next-Gen PON Digital Symposium
Webinar Archive
PARTNER PERSPECTIVES - content from our sponsors
Is The Traditional PayTV Provider Being Squeezed Out?
By Terry Doyle for Enghouse Networks
All Partner Perspectives
