Wednesday, June 11, 2008

Security best practices = How to enable vulnerabilities?

Today Cisco published a new security advisory regarding SNMPv3 (CVSS Base Score 10).

Successful exploitation of these vulnerabilities could result in the disclosure of sensitive information on a device or allow an attacker to make configuration changes to a vulnerable device that is based on the SNMP configuration.

A few days ago it was SSH's turn (CVSS Base Score 7.8).

Successful exploitation of these vulnerabilities may result in a spurious memory access or, in certain cases, reload the device potentially resulting in a DoS condition.

Cisco's best-practices documents recommend both of these protocols, in place of SNMPv2/v1 and Telnet respectively.

In an effort to prevent information disclosure or unauthorized access to the data that is transmitted between the administrator and the device, transport input ssh should be used instead of clear-text protocols, such as Telnet and rlogin.
...
SNMPv3 provides secure access to devices by authenticating and optionally encrypting packets over the network. Where supported, SNMPv3 can be used in order to add another layer of security when deploying SNMP.

So what's the catch?

Do people have to face new vulnerabilities while trying to make their networks more secure?

This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 United States License.
This work is licensed under a Creative Commons Attribution-Noncommercial-Share Alike 3.0 Greece License.