Article

Ensure secure routing protocols with access control best practices

Merike Kaeo, Contributing Writer
Ezine

This article can also be found in the Premium Editorial Download "Information Security magazine: Screen test: App-layer controls beef up perimeter firewalls."

Download it now to read this article plus other related content.

Enterprises have hardened their perimeters with VPNs, firewalls and intrusion detection systems, but organizations need to focus more on securing routing protocols, the fundamental element of any corporate network, typically

    Requires Free Membership to View

remain untouched.

There are basic precautions everyone should take to control physical and logical access to routers. But these measures target the router itself, leaving the routing protocol communication unprotected, in part because security wasn't an explicit consideration when routing protocols evolved in the '80s and '90s. Many of the access control mechanisms inherent in routing protocols exist to avoid routing loops, not to deter malicious users from injecting false routing information.

Nevertheless, by using combinations of route filtering and cryptographic authentication, you can defend your network against intruders bent on injecting invalid routing information to disrupt your network or view critical corporate data.

In the March issue of Information Security magazine, we look at how vulnerable routing protocols are to man-in-the-middle attacks and hijacked sessions and, more importantly, what can be done to reduce those risks.

The key to securing the core routing infrastructure is access control. At a minimum, the following controls should be deployed:

  • Limit physical access to routers to authorized personnel.
  • Use encrypted access, such as SSH, to communicate with routers.
  • If there's a reason to use unencrypted access, such as Telnet, limit the access to specific trusted hosts. If possible, authentication should be based on a one-time password scheme.
  • Have a generic login prompt with no information pertaining to system type or vendor name so a potential attacker won't easily be able to exploit a vulnerability against a specific operating system or vendor.
  • Log all activity, such as configuration changes and image upgrades, to help detect illegal activity.
  • Disable HTTP and SNMP access if they aren't used.

Read the full Information Security magazine feature on securing routing protocols.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: