IETF to tighten SNMP security features


The Internet Engineering Task Force is working to make it harder to hack into network hardware via SNMP.

Building on SNMPv3, members of the IETF are pushing for enhancements that would beef up the version's authentication and encryption features. One draft document proposes a more robust key change mechanism, and another upcoming proposal would upgrade the encryption of SNMPv3 from Data Encryption Standard to Triple-DES.

A more secure version than its predecessors, SNMPv3 is not widely used as yet, but interest in the draft standard is growing. One of the draft standard's most vocal supporters is UUNET. "SNMPv1, for anything other than read-only mode, is only safe behind a firewall," says Mike O'Dell, UUNET senior vice president and chief scientist.

ISPs, due to the nature of their businesses, have a lot of network equipment exposed to the outside world, O'Dell says. Currently, UUNET uses SNMP only for monitoring its devices, turning off the "set" function that would allow configuration and control.

The need to perform remote configuration extends beyond network devices. As more intelligent software agents are deployed across networks, the ability to configure these agents securely over the networks becomes more critical, says Jeff Case, founder and chief technical officer of SNMP Research in Knoxville, Tenn.

Such agents could monitor network services and be configured to take corrective actions to keep the services running, Case says. If communications to the agents aren't secure, a malicious hacker could tell the agents to take destructive actions.

Another good reason to use SNMPv3 is its support for larger data fields. Because of its high speed, Gigabit Ethernet could quickly use up a 32-bit counter, O'Dell says. Version 3 supports 64-bit integers.

But security is the primary concern, and SNMP has to keep up with the latest security advances to stay ahead of hackers, says David Reeder, a computer scientist at Network Associates, who is helping to push for Triple-DES support in the management protocol. He points out that DES can be broken in a matter of hours.

In Version 3, the IETF is fixing another shortcoming that exists in Version 1: If someone knows the existing key and can tap into the packets being exchanged as a new key is assigned, that person will know the new key. In the proposed addition to the standard, new keys have no relation to old keys.
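The dependence of a new key on the old one can be seen in a short sketch, added here as an illustration and not taken from the article or the IETF drafts. It assumes the key change in question is the hash-and-XOR KeyChange procedure defined for the SNMPv3 User-based Security Model (RFC 3414), which the article does not name; the key and random values are constructed.

```python
import hashlib

HASH_LEN = 16  # MD5 digest length; MD5-based USM keys are 16 octets


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def make_key_change(old_key: bytes, new_key: bytes, random: bytes) -> bytes:
    """Requester side: build the value carried in the SNMP set request."""
    if not (len(old_key) == len(new_key) == len(random) == HASH_LEN):
        raise ValueError("old key, new key and random must each be 16 octets")
    digest = hashlib.md5(old_key + random).digest()
    # Wire value = random || (MD5(old_key || random) XOR new_key)
    return random + _xor(digest, new_key)


def apply_key_change(old_key: bytes, key_change: bytes) -> bytes:
    """Agent side: derive the new key from the received value."""
    if len(old_key) != HASH_LEN or len(key_change) != 2 * HASH_LEN:
        raise ValueError("malformed KeyChange value")
    random, delta = key_change[:HASH_LEN], key_change[HASH_LEN:]
    return _xor(hashlib.md5(old_key + random).digest(), delta)


def demo():
    # Constructed sample values; a real requester draws `random` from a CSPRNG.
    old_key = bytes.fromhex("00112233445566778899aabbccddeeff")
    new_key = bytes.fromhex("ffeeddccbbaa99887766554433221100")
    random = bytes(range(HASH_LEN))
    wire = make_key_change(old_key, new_key, random)

    agent_view = apply_key_change(old_key, wire)
    # A passive observer who already holds old_key runs the same computation
    # on the captured wire value and obtains the same result as the agent.
    observer_view = apply_key_change(old_key, wire)
    # Without the old key the captured value does not yield the new key.
    outsider_view = apply_key_change(bytes(HASH_LEN), wire)
    return (agent_view == new_key, observer_view == new_key,
            outsider_view == new_key)


if __name__ == "__main__":
    print(demo())
```

Because the agent and anyone else holding the old key perform the identical computation, a key suspected of compromise has to be replaced out of band rather than rotated this way.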

Almost as important as adding these functions is showing that they can be added easily, Reeder says. Because new security functions will have to be developed as hackers' skills improve, SNMP has to be flexible enough to accept new functions easily. These enhancements are a test of that ability, he adds.

In the meantime, increasing the presence of SNMPv3 is just beginning, says John McConnell, president of McConnell Associates in Boulder, Colo. Support in network devices really started only this year. "Until you get a lot of devices speaking SNMPv3, it's like you're all dressed up for the dance and have no place to go," he says.

Copyright, 1994-2006 Network World, Inc. All rights reserved.