T 5.68 Unauthorised access to active network components

Active network components usually have a serial interface (RS-232) to which a terminal or portable PC can be connected externally. This allows the active network components to be administered locally as well as remotely.

If these interfaces are inadequately secured, attackers may gain unauthorised access to the network component. Once they have defeated the local security mechanisms (e.g. the password), they may be able to carry out all administrative activities.

By reading the configuration of active network components, attackers may be able to gain access to information on the topology, the security mechanisms, and the purpose of the network requiring protection. The configuration data can be read by connecting a terminal or portable PC to the serial interface of an active network component, by accessing the active network component over the local network, or by reading the data from a screen or display while an active network component is being administered and/or configured.