[OPSEC] [opsec] considerations for and protection against misconfiguration attacks ?

Toerless Eckert <tte@cs.fau.de> Fri, 13 August 2021 17:42 UTC

Date: Fri, 13 Aug 2021 19:41:57 +0200
From: Toerless Eckert <tte@cs.fau.de>
To: opsec@ietf.org
Message-ID: <20210813174157.GN23297@faui48f.informatik.uni-erlangen.de>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
User-Agent: Mutt/1.10.1 (2018-07-13)
Archived-At: <https://mailarchive.ietf.org/arch/msg/opsec/H_L9bYEj69_dCaUb6YRRfD5d3gk>
Subject: [OPSEC] [opsec] considerations for and protection against misconfiguration attacks ?
X-List-Received-Date: Fri, 13 Aug 2021 17:42:16 -0000

In the process of reviews for draft-ietf-bier-te, I ran into
the question of what the BCPs are wrt. attacks via intentional misconfiguration.

A) Is this something that should be mentioned in security considerations?

I cannot remember examples of misconfiguration attacks in RFC
security considerations, at least not for the common issues that I can
think of. But those would all relate to older standards. Maybe
newer standards are better. An example would be nice.

B) Do we have any guidance or even explicit specs in support
of minimizing the risk of misconfiguration attacks?

For example, the attacks in question were against misconfiguring
routing via e.g. static routes or similar functionality directly
impacting the local forwarding plane. If I built a router where there is
no such local CLI, but I would only make it available via e.g.
authenticated NetConf, and the router infra was set up to not allow
changing this (locked down hardware, so to speak), this would
significantly change the attack vector. Do we have anything like this
in any specs or even as options in YANG models?

Cheers
    Toerless
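As an added illustration of the "authenticated NetConf only, locked down" model the message asks about (this is editorial example material, not part of Toerless's mail or of draft-ietf-bier-te), the following is a NETCONF Access Control Model (NACM, RFC 8341, YANG module ietf-netconf-acm) configuration fragment. It assumes the router implements NACM and the ietf-routing YANG model; the group name `routing-admins`, the user name `alice` and the rule names are constructed for the example. With `write-default` set to `deny`, no NETCONF user can create, modify or delete any configuration unless a rule explicitly permits it, so a misconfiguration of routing state can only originate from an authenticated member of the named group, and every such change is attributable to a NETCONF session.

```xml
<!-- Added example (not from the original message): NACM fragment that
     denies all configuration writes by default and permits edits to the
     routing control-plane subtree only for members of one group.
     Group, user and rule names are constructed placeholders. -->
<nacm xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-acm"
      xmlns:rt="urn:ietf:params:xml:ns:yang:ietf-routing">

  <!-- Turn access control on; the defaults below apply to everyone
       who is not matched by a more specific rule. -->
  <enable-nacm>true</enable-nacm>
  <read-default>permit</read-default>
  <write-default>deny</write-default>   <!-- no edits unless a rule permits -->
  <exec-default>deny</exec-default>     <!-- no RPCs unless a rule permits -->

  <!-- The only principals allowed to touch routing configuration. -->
  <groups>
    <group>
      <name>routing-admins</name>
      <user-name>alice</user-name>
    </group>
  </groups>

  <!-- Rule-list evaluated for routing-admins. Other users fall through
       to write-default=deny, so static routes cannot be changed by them. -->
  <rule-list>
    <name>routing-config</name>
    <group>routing-admins</group>

    <rule>
      <name>edit-control-plane-protocols</name>
      <module-name>ietf-routing</module-name>
      <!-- Static routes live under this subtree in ietf-routing. -->
      <path>/rt:routing/rt:control-plane-protocols</path>
      <access-operations>create update delete</access-operations>
      <action>permit</action>
      <comment>Only routing-admins may add, change or remove routes.</comment>
    </rule>

    <rule>
      <name>allow-edit-config</name>
      <module-name>ietf-netconf</module-name>
      <rpc-name>edit-config</rpc-name>
      <access-operations>exec</access-operations>
      <action>permit</action>
      <comment>Needed so the group can actually submit its edits.</comment>
    </rule>
  </rule-list>
</nacm>
```

Two practical points a reviewer would add: the NACM data itself must be protected the same way (RFC 8341 denies write access to `/nacm` to non-recovery users by default, so an attacker cannot simply widen the rules), and the "locked down hardware" part of the message is outside NACM's scope. NACM restricts what an authenticated NETCONF client may do; preventing a local console or out-of-band path from bypassing it is a platform property that has to be verified separately.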