In a recent discussion with VDC analyst Christopher Rommel, we covered challenges in software for telecommunications and networking industry and the effective solutions. An area that often gets overlooked when discussing networking system software issues is security vulnerabilities. This probably has to do with comfort in knowing that the various layers of the network stack present barriers to the intruder. That might be a misguided sense of safety.
To start off, an intruder needs an access point, a connection end point that is reachable over the network. Most telecom/networking devices have a Command Line Interface (CLI) access through a telnet port or a secured SSH port. Very often, these are open ports that are reachable through an IP address that is not behind a VPN or is accessible without a secure tunnel. Even devices that are within the corporate network, such as load balancers, firewalls and WAN optimization appliances, have a reachable IP address that SNMP management clients can get to.
Once a connection point is identified, the exploit is usually related to a stack buffer overflow. By exploiting a buffer overflow in the authentication logic for example, an intruder can execute program instructions without a valid login. Through malicious user inputs and CLI commands, it is possible to cause a stack buffer overflow that results in root access on the device. At the very least, by exploiting a buffer overflow and crashing the system, one can cause a denial of service attack.
One other area of weakness is in use of temporary files on the system to store critical data. If temporary files are used to store logins, a hacker can exploit that weakness to get to and misconfigure the device. The magnitude of such an attack is potentially very large. For example, one can configure a router such that all data-plane traffic (data that the application is communicating between the server and the client application) is routed to insecure and hacker-compromised devices. With the shift to the Software-as-a-Service model for business-critical applications, the integrity of data going through the networking and telecommunications devices is even more essential.
The challenge in preventing such vulnerabilities in C/C++, the languages of choice for most networking systems, is due to some of the language's features. As discussed in this article on language insecurity in Open Source Business Resource, these are:
- Lack of type safety
- Execution of C/C++ programs does not stop as a result of an error making unauthorized access possible.
- " Pointer arithmetic
- o Programmers can change the value of a pointer, and thus read and write anywhere in the process memory space making arbitrary execution of code possible.
- " Static buffers
- o Such buffers do not grow and the access to buffers is not checked for bounds resulting in overflows and overwrites of memory regions.
- " Lack of robust string type
- o C has no native type for character strings, meaning static buffers with potential overflow problems are used instead. In C++, programs can use a String type, though the usage is not very often.
An audit of software at various layers of the network stack is essential to ensure that devices and systems handling enormous amounts of data are not compromised at any layer.