AusCERT issues warning on computer network vulnerability

The Australian Computer Emergency Response Team (AusCERT), today warned about a new computer network vulnerability which could pose a serious security threat to numerous networks on the Internet.

General manager of The University of Queensland-based AusCERT, Graham Ingram, said the vulnerability involved the Simple Network Management Protocol (SNMP) - a commonly used service that provides network management and monitoring capabilities.

“The vulnerability is of particular concern because of the sheer number of networks that utilise SNMP or which provide SNMP services in some capacity,” Mr Ingram said.

“If vulnerable networks are attacked, it has the potential to stop traffic both within the network and to and from the Internet.

“We are currently unaware of any automated tool that exists that would allow hackers to exploit these vulnerabilities.

However, as with most computer vulnerabilities it is usually only a matter of time before a hacker works out how to write a program that will exploit these vulnerabilities and shares his program with other hackers,” Mr Ingram said.

“It is therefore vital that networks do what they can now to secure their systems as best they can.

“It is also important to remember that although these vulnerabilities are potentially serious, there are effective mitigation strategies that can be adopted to reduce the likelihood of a successful attack.”

AusCERT released its warning to coincide with similar public releases made by other computer emergency response teams in the US, Canada and the UK.

Information about protection mitigation strategies for this problem can be found on AusCERT’s web site at www.auscert.org.au - click on "New and Updated".

Media: for more information contact Peter McCutcheon at UQ Communications on 07 3365 1088 or 0413 380012