Multi-Sector Internet Outages"
The National Infrastructure
Protection Center is aware of potential vulnerabilities existing within the
Simple Network Management Protocol (SNMP) -- a protocol used by routers,
switches and hubs on the Internet and other related equipment. To date, there
have been no confirmed exploitations of these vulnerabilities. However, action
may be required to prevent the possibility of criminal exploitation by malicious
hackers. NIPC has been monitoring the vulnerabilities and is working to address
the issue and minimize potential disruption.
Due to the widespread
use of the SNMP, the number of affected products is extensive. NIPC, along
with Carnegie Mellon University's Computer Emergency Response Team/Coordination
Center (CERT/CC), is working with other government agencies, network security
experts, and industry representatives to define, prioritize, and mitigate
these vulnerabilities. In the absence of a specific SNMPv1 vulnerability
and patch, the following list of "best practices" has been suggested by CERT/CC:
For additional information
on preventing the exploitation of computer systems, visit the CERT/CC homepage
Actual or attempted hacking is a serious federal offense that could land first time offenders in jail for ten years and repeat offenders in jail for 20 years. The NIPC encourages the reporting of computer intrusions to local FBI offices or the NIPC Watch and Warning Unit at (202) 323-3205 or 1(888) 585-9078. You can also e-mail NIPC at firstname.lastname@example.org. In addition, incidents can be reported online at http://www.nipc.gov/incident/cirr.htm.