T 3.65 Incorrect administration of routers and switches

Improper administration of routers and switches may threaten the availability, confidentiality, and integrity of networks. Several of the access paths used to administer routers and switches constitute a security risk if they are used improperly:

Remote administration

Numerous active network components offer remote administration via the Telnet service. However, the use of Telnet entails the risk that unauthorised persons obtain access rights, since the entire data traffic, including user name and password, is transmitted in clear text and can be read by anyone able to capture it.

Many devices allow administrative work to be performed via the HTTP service. In this case an HTTP server runs on the router or switch, and access takes place from any client using a web browser. The default settings for access to the web interface are not uniform across manufacturers: on some devices the service is disabled, while on others it can be used without any user authentication at all.

As with Telnet, user name and password are transmitted in clear text with HTTP. Moreover, a large number of exploits are known for weaknesses in the HTTP servers of different manufacturers.

SNMP

In SNMPv1 and SNMPv2 (in practice SNMPv2c), authentication consists solely of a plain-text community string. Almost all manufacturers set the default read community string to "public" and the write community string to "private". The community strings are transmitted in clear text on the network. Since SNMP is often used across insecure networks, an attacker can obtain the community strings simply by capturing the data packets (sniffing), or can guess them if the defaults have not been changed. With knowledge of the write community string, an attacker can reconfigure and thus control the network components.
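The clear-text weaknesses described above for HTTP administration and for SNMPv1/v2c community strings can be made visible with a passive check over captured management traffic. The following Python example is added here and is not part of the catalogue entry; the captured payloads are constructed for illustration (the host address, user name, password and community strings are made up), and the BER decoder handles only what SNMPv1/v2c messages need. It also shows that an SNMPv3 message yields no community string, which is why the text's weakness is specific to v1/v2c.

```python
"""Passive check for clear-text credentials in captured router/switch
management traffic: HTTP Basic Authorization headers and SNMPv1/v2c
community strings.

Added example, not part of the original catalogue entry. All payloads
below are constructed for illustration.
"""
import base64
import re

# Vendor defaults named in the text; seeing one of these is an extra finding.
DEFAULT_COMMUNITIES = {"public", "private"}


def http_basic_credentials(payload: bytes):
    """Return (user, password) from the first HTTP Basic Authorization
    header in a clear-text HTTP request, or None if there is none."""
    m = re.search(rb"Authorization:\s*Basic\s+([A-Za-z0-9+/=]+)", payload, re.I)
    if not m:
        return None
    try:
        decoded = base64.b64decode(m.group(1), validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return None
    user, sep, password = decoded.partition(":")
    return (user, password) if sep else None


def _read_tlv(buf: bytes, pos: int):
    """Decode one BER tag-length-value at buf[pos].
    Returns (tag, value_bytes, position_after_value).
    Supports short and long length forms, which is all SNMP needs."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: next n bytes hold the length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length


def snmp_community(payload: bytes):
    """Return (version_name, community) for an SNMPv1/v2c message.
    Returns None for anything else, including SNMPv3, whose header
    carries msgGlobalData/USM fields instead of a community string."""
    try:
        tag, body, _ = _read_tlv(payload, 0)
        if tag != 0x30:                    # outer SEQUENCE
            return None
        tag, ver, pos = _read_tlv(body, 0)
        if tag != 0x02:                    # INTEGER version
            return None
        version = int.from_bytes(ver, "big")
        if version not in (0, 1):          # 0 = SNMPv1, 1 = SNMPv2c
            return None
        tag, community, _ = _read_tlv(body, pos)
        if tag != 0x04:                    # OCTET STRING community
            return None
    except IndexError:                     # truncated or non-BER data
        return None
    return ("SNMPv1" if version == 0 else "SNMPv2c"), community.decode("latin-1")


def findings(captures):
    """Run both checks over (label, payload) pairs; return finding strings."""
    out = []
    for label, payload in captures:
        creds = http_basic_credentials(payload)
        if creds:
            out.append(f"{label}: HTTP Basic credentials in clear text: "
                       f"user={creds[0]!r} password={creds[1]!r}")
        snmp = snmp_community(payload)
        if snmp:
            version, community = snmp
            note = " (vendor default!)" if community in DEFAULT_COMMUNITIES else ""
            out.append(f"{label}: {version} community string in clear text: "
                       f"{community!r}{note}")
    return out


# --- constructed sample captures (not real traffic) -------------------------
HTTP_LOGIN = (b"GET /admin/config HTTP/1.1\r\n"
              b"Host: 192.0.2.1\r\n"
              b"Authorization: Basic YWRtaW46c3dpdGNoMTIz\r\n"   # admin:switch123
              b"\r\n")

SNMP_GET_PUBLIC = bytes.fromhex(
    "3026"                        # SEQUENCE, 38 bytes
    "020100"                      # INTEGER version = 0 (SNMPv1)
    "04067075626c6963"            # OCTET STRING community = "public"
    "a019"                        # GetRequest-PDU, 25 bytes
    "020101" "020100" "020100"    # request-id 1, error-status 0, error-index 0
    "300e300c"                    # VarBindList / VarBind
    "06082b06010201010100"        # OID 1.3.6.1.2.1.1.1.0 (sysDescr.0)
    "0500")                       # NULL value

SNMP_SET_PRIVATE = bytes.fromhex(
    "3028"                        # SEQUENCE, 40 bytes
    "020101"                      # INTEGER version = 1 (SNMPv2c)
    "040770726976617465"          # OCTET STRING community = "private"
    "a31a"                        # SetRequest-PDU, 26 bytes
    "020102" "020100" "020100"    # request-id 2, error-status 0, error-index 0
    "300f300d"                    # VarBindList / VarBind
    "06082b06010201010400"        # OID 1.3.6.1.2.1.1.4.0 (sysContact.0)
    "040178")                     # OCTET STRING value "x"

SNMPV3_HEADER = bytes.fromhex("3005020103" "3000")   # version 3, dummy msgGlobalData

CAPTURES = [("http", HTTP_LOGIN), ("snmp-get", SNMP_GET_PUBLIC),
            ("snmp-set", SNMP_SET_PRIVATE), ("snmpv3", SNMPV3_HEADER)]

if __name__ == "__main__":
    for line in findings(CAPTURES):
        print(line)
```

The SNMP decoder only follows the outer message structure (SEQUENCE, version, community) and ignores the PDU, which is all a sniffer needs to recover the credential; the SetRequest with the "private" string is the case that gives write access to the device configuration.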

Logging

Security-relevant events on routers and switches are frequently logged insufficiently or not at all. Moreover, if no alerting component exists, attacks and faults remain unnoticed, which may adversely affect the availability, confidentiality, and integrity of the systems.

Missing backup and documentation

Configuration changes on routers and switches are often neither backed up nor documented. If a component fails, the most recent changes are then not available when a replacement device is put into operation, and the previous configuration cannot be restored reliably.