T 5.68 Unauthorised access to active network components

Active network components normally have a serial interface (RS-232) to which an external terminal or portable PC can be connected. This allows the active network components to be administered locally as well.

Insufficiently protected interfaces might allow intruders to gain unauthorised access to network components. After passing local security checks (e.g. through entry of a password), an intruder might be able to perform all administrative functions.

By reading the configuration of active network components, the intruder can gain access to confidential information on the topology, security mechanisms and utilisation of the network. Configuration data can be read by connecting an external terminal or portable PC to the serial interface of the active network component, by accessing the active network component via the local network, or by viewing the data on a screen or display while the active network component is being administered or configured.