[48148] in Cypherpunks

home help back first fref pref prev next nref lref last post

[NOISE] Bad key management

daemon@ATHENA.MIT.EDU (Steven Weller)
Fri Jan 26 11:01:05 1996

Date: Fri, 26 Jan 1996 07:39:51 -0800
To: cypherpunks@toad.com
From: stevenw@best.com (Steven Weller)

From RISKS:

------------------------------

Date: Tue, 23 Jan 1996 20:32:37 -0500 (EST)
From: Ed Ravin <eravin@panix.com>
Subject: I won't tell if you won't...

I just found this browsing through a router manufacturer's "Frequently
Asked Questions" file:

   Q3       I have a bridge/router, and I have forgotten my password.  I am
   no longer able to log in and configure the device(s).  What do I do
   now?

   Do not panic! Enter the following password at the password
   prompt:XYZZYHIMOM.  This should get you into the unit.  Notice!! This is
   a back door to the units, and should not be made available to people
   who do not need to know about it!

And I don't even own one of these routers -- I found this in a reseller's
online catalog.  Back doors in devices that are often hooked directly to
external networks are a Bad Idea, if you ask me.  At least the manufacturer
documented it...

(password above changed to protect the guilty)

Ed Ravin  +1 212 678 5545  eravin@panix.com

------------------------------

-------------------------------------------------------------------------
Steven Weller                      |  "The Internet, of course, is more
                                   |  than just a place to find pictures
                                   |  of people having sex with dogs."
stevenw@best.com                   |       -- Time Magazine, 3 July 1995



home help back first fref pref prev next nref lref last post