bodyType

customContents

entityId

entityUuid

articlePageQuery

filter

article

articleBaseAdvertisingInfoArticle

articleListArticle

articleSeoArticle

hooksArticleAcknowledgementGateOverlayArticle

hooksTrackPageViewArticle

hooksContentInterestArticle

articleLinkingDataContent

hooksAmpRedirectArticle

articleSchemaContent

liveArticle

advertZone

sentiment

contentLock

topics

types

sections

paywallTypes

createdDate

publishedDate

urlAlias

moreOnThisArticles

sponsorType

commentCount

authorLocations

authors

corrections

displaySlideShow

multimediaEmbed

printHeadline

seriesContainer

articleSpeeches

socialHeadline

headline

images

flag

firstTopic

glossary

flattenTypeIds

image

relatedLinks

relatedNewsletters

__typename

sponsor

pdfFiles

seriesReverseOrder

series

disableOffPlatformContent

published

updatedDate

summary

subHeadline

body

keywords

readingTime

customTimezone

liveContents

Computers and other devices using a common networking protocol may be vulnerable to attack.

The warning came yesterday from Cert Co-ordination Centre, a computer security organisation based at Carnegie Mellon University and backed by the United States Department of Defence.

Cert issued an advisory this week warning that the earliest version of Simple Network Management Protocol (SNMP) - used in many software programs, Internet routers and even consumer electronics such as digital cameras - had vulnerabilities that 'may allow unauthorised privileged access, denial-of-service attacks, or cause unstable behaviour'.

The protocol allows devices to be managed remotely.

Cert said the latest version was not affected by the security flaw, though the early version was common enough for the flaw to be of concern.

Cert's advisory included responses from about 50 vendors, including 3Com, Cisco, Microsoft, Compaq, Marconi and Red Hat.

Most advised turning off the SNMP functions until patches were released. Some said patches for their products were available or in the works.

Microsoft said its latest operating system, Windows XP, was not affected. Although Windows 98 contained the vulnerability, SNMP was not switched on in default settings, the company said.

The SNMP vulnerability was discovered last summer by researchers at the University of Oulu in Finland, which then notified Cert. About 250 vendors were contacted by Cert and advised to provide fixes.

According to some reports, this week's advisory was sent out after rumours of the vulnerability began circulating on the Internet and because Cert was dissatisfied with the pace of response from the vendors.

In the worst case, Internet servers and routers could be disabled by hackers exploiting the SNMP security hole, though there have been no reports of such attacks.

Web site Dshield.org, which tracks hacker activity on the Web, said it had not detected any rise in SNMP-related activity.

Cert also recommended either disabling SNMP or moving SNMP traffic to a separate network.

'In situations where blocking or disabling SNMP is not possible, exposure to these vulnerabilities may be limited by restricting all SNMP access to separate, isolated management networks that are not publicly accessible,' it said.

According to research firm Telcordia, more than 137 million host computers were connected to the Internet by the end of last year, up from 97.9 million at the end of 2000.

As the number of connections to the Internet has risen, so has the reporting of security holes. Cert reported 2,437 vulnerabilities last year, compared with 1,040 in 2000.



Security watchdog warns of networking attack danger