13.11 Network Management System Security

SNMP is the basis for most NMSs. It provides the ability to manage network devices in a multi-vendor environment from a central location. In fact, virtually any enterprise-class device that can be connected to a wired or wireless network supports SNMP. As useful as SNMP is for managing systems and network devices, it has always had weak security, making it vulnerable to hackers. In particular, the decoding and subsequent processing of management messages between SNMP managers and agents may cause denial-of-service conditions, service interruptions, and buffer overflows, allowing an attacker to gain access to or disrupt the proper operation of a device affected by these vulnerabilities. To create a denial-of-service attack, for example, a hacker might send bogus SNMP requests and traps that could flood an SNMP management system or appliance running a trap application. This might cause the system to hang and may require a reboot.

Usually, vendors offer SNMP security patches or firmware updates free of charge, which can be downloaded from their Web sites. If the SNMP-managed equipment was purchased from a vendor that went out of business, however, a fix might not be available. Rather than risk an attack, it is better to replace the equipment with a newer model from a stable vendor. In addition to applying a patch from the SNMP vendor in order to prevent these problems from recurring, network administrators can take the following additional precautions:

  • Enable ingress filtering, which is the blocking of access to SNMP services at the network perimeter;

  • Configure SNMP agent systems to disallow request messages from non-authorized systems;

  • Segregate SNMP traffic onto a separate management network and filter traffic as it leaves the network to prevent the network from being used as a source for attacks on other sites;

  • Disable any service or capability that is not explicitly required, including SNMP if it is enabled.

The last point is very important because SNMP will help malicious users learn a lot about a target system, making password guessing and similar attacks much easier. Unless this service is required, it is highly recommended that SNMP be turned off. Since many vendors ship their products with SNMP enabled, this security hole can only be plugged by using the configuration utility to disable SNMP.
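The second precaution, disallowing requests from non-authorized systems, can be checked mechanically. The following is an added example, not code from the book: it assumes the agent is Net-SNMP (configured through `snmpd.conf`) and that authorized managers sit on a management network of 10.20.0.0/24; the sample configuration and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample snmpd.conf (Net-SNMP syntax); not taken from the book.
SAMPLE_CONF = """\
# constructed example
rocommunity monitor-ro
rocommunity nms-ro 10.20.0.5
rwcommunity nms-rw 10.20.0.0/24
rocommunity wide-ro 0.0.0.0/0
com2sec legacy default legacy-ro
com2sec mgmt 10.20.0.0/24 mgmt-ro
"""

# Assumption: authorized SNMP managers live only on this management network.
MGMT_NET = ipaddress.ip_network("10.20.0.0/24")

def source_allowed(source, mgmt_net=MGMT_NET):
    """True only if source is an address or subnet inside the management network."""
    if source is None or source == "default":
        return False  # no source, or 'default', lets any host send requests
    try:
        net = ipaddress.ip_network(source, strict=False)
    except ValueError:
        return False  # hostnames cannot be verified offline; flag for review
    return net.version == mgmt_net.version and net.subnet_of(mgmt_net)

def audit_snmpd_conf(text, mgmt_net=MGMT_NET):
    """Return (line_no, directive, source) for each entry open to unauthorized hosts."""
    findings = []
    for no, raw in enumerate(text.splitlines(), 1):
        tok = raw.split()
        if not tok or tok[0].startswith("#"):
            continue
        if tok[0] in ("rocommunity", "rwcommunity"):
            source = tok[2] if len(tok) > 2 else None  # COMMUNITY [SOURCE ...]
        elif tok[0] == "com2sec":
            args = tok[1:]
            if args[:1] == ["-Cn"]:  # optional "-Cn CONTEXT" prefix
                args = args[2:]
            source = args[1] if len(args) > 1 else None  # SECNAME SOURCE COMMUNITY
        else:
            continue
        if not source_allowed(source, mgmt_net):
            findings.append((no, tok[0], source or "any"))
    return findings

if __name__ == "__main__":
    for finding in audit_snmpd_conf(SAMPLE_CONF):
        print("line %d: %s accepts requests from %s" % finding)
```

Entries that name a host or subnet inside the management network pass; entries with no source, `default`, or a wider range are reported so they can be restricted.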






LANs to WANs: The Complete Management Guide
ISBN: 1580535720
EAN: 2147483647
Year: 2003
Pages: 184
