[121253] in North American Network Operators' Group
Re: Default Passwords for World Wide Packets/Lightning Edge Equipment
daemon@ATHENA.MIT.EDU (Graeme Fowler)
Wed Jan 13 15:35:35 2010
From: Graeme Fowler <graeme@graemef.net>
To: nanog@nanog.org
In-Reply-To: <B4EF627A-A9C9-4645-B8AD-C51B1E81B953@cs.columbia.edu>
Date: Wed, 13 Jan 2010 20:34:44 +0000
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Wed, 2010-01-13 at 15:12 -0500, Steven Bellovin wrote:
> Lots of gear has a button/jumper/pop_the_CMOS battery/other_physical_presence_magic to reset things to factory state, including the default pw. The threat went on to why default passwords are bad, to passwords on the bottom of the device, to RFIDs because the devices of interest to this community are racked and stacked -- and back to theme #2: default passwords are bad...
And somewhere in the dim and distant past (Jan 6th), Nathan announced
that he'd sorted out his original problem and now had the defaults.
What a peculiar bunch we are. And this from the group lauded as
anonymously and peacefully co-existing to hold the Internet together,
eh?
Graeme
