[121020] in North American Network Operators' Group
Re: Default Passwords for World Wide Packets/Lightning Edge Equipment
daemon@ATHENA.MIT.EDU (Joe Greco)
Fri Jan 8 02:23:26 2010
From: Joe Greco <jgreco@ns.sol.net>
To: jfbeam@gmail.com (Ricky Beam)
Date: Fri, 8 Jan 2010 01:22:41 -0600 (CST)
In-Reply-To: <op.u569jr00tfhldh@rbeam.xactional.com> from "Ricky Beam" at Jan
08, 2010 12:58:29 AM
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
> While we're on the subject, a lot of leibert gear has a dip switch/jumper
> block to turn passwords off entirely. (of course, that requires physical
> access and a power cycle.)
So do a lot of HP/Compaq servers with integrated lights out management.
Don't think you even need to power cycle (whether you're brave enough to
go poking around the deep innards of an energized server is another
matter). I know the DIP switch on older DL385's is a micro DIP switch
and it's inconveniently located in the middle of the server behind some
stuff.
The good part is that you can clear out unknown passwords as long as you
have access to the chassis innards. The bad part is that I've seen these
left in password bypass mode (though the BIOS thoughtfully warns you of
the status if you do that).
... JG
--
Joe Greco - sol.net Network Services - Milwaukee, WI - http://www.sol.net
"We call it the 'one bite at the apple' rule. Give me one chance [and] then I
won't contact you again." - Direct Marketing Ass'n position on e-mail spam(CNN)
With 24 million small businesses in the US alone, that's way too many apples.