RE: FW: Updating the MIB security guidelines
Hi -
I like the idea of providing some help to those deploying these
MIBs to set up reasonable security policies, but agree that the
topic will probably require more discussion / explanation than
will comfortably fit in the boilerplate.
A family of MIB-related security considerations not covered by
the proposed boilerplate came up in the adslmib working group.
For an example, see RFC 3276, where it says:
HDSL2-SHDSL layer connectivity from the xtuR will permit the
subscriber to manipulate both the HDSL2-SHDSL link directly and the
HDSL2-SHDSL embedded operations channel (EOC) for their own loop.
For example, unchecked or unfiltered fluctuations initiated by the
subscriber could generate sufficient notifications to potentially
overwhelm either the management interface to the network or the
element manager.
Though the DSL mibs are perhaps a special case, I think in
general the security considerations section needs to talk
about notifications if the MIB module defines any. Strawman:
If the MIB module defines any notification types, the
sensitivity of any variable bindings they would include
(and of the very existence of the notifications on the
wire or in a log) should be noted. If an implementation's
environment can be manipulated in such a way as to mount
a denial of service attack via these notifications, this
should also be noted.
(I don't want to re-open the notification throttling discussion
here. Let's just assume that the decision whether to throttle
or not will already have been made for other good reasons by
the time the WG gets around to fleshing out this section. :-)
------------------------------------------------------
Randy Presuhn BMC Software, Inc. SJC-1.3141
randy_presuhn@bmc.com 2141 North First Street
Tel: +1 408 546-1006 San José, California 95131 USA
------------------------------------------------------
My opinions and BMC's are independent variables.
------------------------------------------------------
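The denial-of-service case the message raises (a subscriber flapping one loop so that each transition emits a notification, until the manager or its management interface is swamped) is easiest to reason about with a concrete throttle in hand. The following is an added example, not code from the thread, the adslmib working group, or RFC 3276: it keys a token bucket per notification source, lets a short burst through, caps the sustained rate, and counts what it suppressed so the suppression itself can be reported as a varbind. Source names, notification names, varbind contents and the event stream are all constructed for the example; the burst and refill parameters are assumed defaults, not values from any MIB.

```python
"""Per-source throttle for SNMP-style notifications (added example, not from the thread).

Models the failure mode described in the message: a subscriber flapping a single
loop generates a notification per transition, which could swamp the manager.
A token bucket per source (e.g. the loop's ifIndex) caps the sustained rate
while still letting an initial burst through, and counts what it suppressed.
Timestamps are integer milliseconds and tokens are integer "millitokens" so
the arithmetic is exact.
"""
from collections import defaultdict


class TokenBucket:
    """capacity and refill are in millitokens; one notification costs 1000."""

    COST = 1000

    def __init__(self, capacity_mt, refill_mt_per_ms):
        self.capacity = capacity_mt
        self.refill = refill_mt_per_ms
        self.tokens = capacity_mt      # start full so a short burst passes
        self.last_ms = 0

    def allow(self, now_ms):
        # Refill for the elapsed time, then try to pay for one notification.
        elapsed = max(0, now_ms - self.last_ms)
        self.tokens = min(self.capacity, self.tokens + elapsed * self.refill)
        self.last_ms = now_ms
        if self.tokens >= self.COST:
            self.tokens -= self.COST
            return True
        return False


class NotificationThrottle:
    """One bucket per notification source; assumed defaults: burst of 5, then 1/s."""

    def __init__(self, burst=5, per_second=1):
        cap = burst * TokenBucket.COST
        refill = per_second * TokenBucket.COST // 1000   # millitokens per ms
        self.buckets = defaultdict(lambda: TokenBucket(cap, refill))
        self.sent = []                          # notifications that went on the wire
        self.suppressed = defaultdict(int)      # per-source count of dropped ones

    def notify(self, now_ms, source, name, varbinds):
        if self.buckets[source].allow(now_ms):
            self.sent.append((now_ms, source, name, dict(varbinds)))
            return True
        self.suppressed[source] += 1
        return False

    def report(self):
        """Per-source sent/suppressed counts; a large suppressed count is itself
        a signal worth surfacing to the manager rather than hiding."""
        per_source = defaultdict(lambda: {"sent": 0, "suppressed": 0})
        for _, src, _, _ in self.sent:
            per_source[src]["sent"] += 1
        for src, n in self.suppressed.items():
            per_source[src]["suppressed"] += n
        return dict(per_source)


def constructed_events():
    """Constructed event stream: loop 7 flaps every 100 ms for 10 s (100 link-state
    notifications); loop 2 sends three legitimate notifications one second apart."""
    events = []
    for i in range(100):
        state = "up" if i % 2 == 0 else "down"
        events.append((i * 100, "loop-7", "linkState", {"ifIndex": 7, "state": state}))
    for s in (1, 2, 3):
        events.append((s * 1000, "loop-2", "loopAttenuation",
                       {"ifIndex": 2, "attenuationDb": 20 + s}))
    return sorted(events, key=lambda e: e[0])


def run(events=None, burst=5, per_second=1):
    """Feed an event stream through the throttle and return the per-source report."""
    throttle = NotificationThrottle(burst, per_second)
    for now_ms, source, name, varbinds in (events or constructed_events()):
        throttle.notify(now_ms, source, name, varbinds)
    return throttle.report()


if __name__ == "__main__":
    for src, counts in sorted(run().items()):
        print(f"{src}: sent={counts['sent']} suppressed={counts['suppressed']}")
```

With the assumed defaults the flapping loop gets its first five transitions through, then one per second, so 14 of its 100 notifications reach the manager and 86 are counted as suppressed, while the well-behaved loop's three notifications are untouched. Keying the bucket per source is what keeps one subscriber's loop from starving notifications about other loops; keying globally would turn the flood into a denial of service against the notifications themselves.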