What specifically do the vulnerability tests do?
Boreal, and the vulnerability tests available with the SilverCreek TESTS Module, tests the robustness of an SNMP agent in the face of a Denial of Service attack. Some DoS attacks focus on finding vulnerabilities in the encapsulation of SNMP packets. If the agent has any weaknesses at all in the algorithms it uses to decode an SNMP packet, then it is likely to crash, hang, reboot, or exhibit other undesirable behavior. SNMP packets are encapsulated according to ASN.1 which describes the grammar, and BER which describes the translation mechanism, for SNMP packets. The Boreal SNMP vulnerability tests introduce abnormalities into the grammar and the encapsulation of the SNMP packet to make it malformed. The parameters that can be changed for encapsulation are type, length, and payload. By changing the tag (what ASN.1 type is it?),length (how long is the payload?), and value (the payload) to wrong or unexpected values, a normal, valid packet becomes a pathological packet. The Boreal Test Su
Related Questions
- Can the vulnerability assessments, risk assessments and security tests specified in the Security Plan be conducted internally by the applicant?
- What is the difference between IWLs SNMP Vulnerability tests and the free tests available from the University of Oulu?
- How many vulnerability tests does Argus scanner have?
