[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: snmpconf Comments on BCP-09

Hi -

> Message-Id: <>
> Date: Thu, 01 Aug 2002 16:11:37 -0400
> To: snmpconf@snmp.com
> From: "Wayne F. Tackabury" <wayne@goldwiretech.com>
> Subject: Re: snmpconf Comments on BCP-09
> Cc: "David T. Perkins" <dperkins@dsperkins.com>
> In-Reply-To: <>
> A further liability of authentication traps can be seen when they
> are being generated in the face of a Denial Of Service (DOS) attack, in the
> form of a flood of PDUs with invalid community strings, on the
> agent system.  If it is bad enough that the system is having to
> respond to and recover from the invalid agent data accesses, but the
> problem will be compounded if a separate Autentication notification
> PDU is sent to each recipient on the management network.

It's not just authentication failure notifications that warrant
caution.  See point (4) in the security considerations section of
draft-ietf-adslmib-adslext-10.txt which describes this fun case:

|    4) ADSL layer connectivity from the ATU-R will permit the subscriber
|    to manipulate both the ADSL link directly and the ADSL overhead
|    control channel(AOC)/embedded operations channel (EOC)
|    for their own loop.  For example,  unchecked or unfiltered
|    fluctuations initiated by the subscriber could generate sufficient
|    notifications to potentially overwhelm either the management
|    interface to the network or the element manager.  Other attacks
|    affecting the ATU-R portions of the MIB may also be possible.

 Randy Presuhn          BMC Software, Inc.  1-3141
 randy_presuhn@bmc.com  2141 North First Street
 Tel: +1 408 546-1006   San Josť, California 95131  USA
 My opinions and BMC's are independent variables.