[121252] in North American Network Operators' Group
Re: Default Passwords for World Wide Packets/Lightning Edge Equipment
daemon@ATHENA.MIT.EDU (Steven Bellovin)
Wed Jan 13 15:19:02 2010
From: Steven Bellovin <smb@cs.columbia.edu>
In-Reply-To: <11B064048F34FD4094CBA16FC04BE2198655E544@ex01>
Date: Wed, 13 Jan 2010 15:12:28 -0500
To: Nathan Eisenberg <nathan@atlasnetworks.us>
Cc: "nanog@nanog.org" <nanog@nanog.org>,
"nonobvious@gmail.com" <nonobvious@gmail.com>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Jan 13, 2010, at 2:47 PM, Nathan Eisenberg wrote:
> Not if you change the default password like any sane admin does...
This is from the OP:
I have recently inherited the management of an undocumented =
network (failed FTTH provider) which utilizes World Wide Packets' =
LightningEdge 427 (16 port GBIC switch) and 311v (24/4 port =
Ethernet/GBIC switch) switches. =20
...
Does anyone know the default passwords for World Wide Packets =
427 and 311v switches?
Lots of gear has a button/jumper/pop_the_CMOS =
battery/other_physical_presence_magic to reset things to factory state, =
including the default pw. The threat went on to why default passwords =
are bad, to passwords on the bottom of the device, to RFIDs because the =
devices of interest to this community are racked and stacked -- and back =
to theme #2: default passwords are bad...
--Steve Bellovin, http://www.cs.columbia.edu/~smb
