[87860] in North American Network Operators' Group
Re: Cisco, haven't we learned anything? (technician reset)
daemon@ATHENA.MIT.EDU (Jay Hennigan)
Thu Jan 12 19:36:52 2006
Date: Thu, 12 Jan 2006 16:35:03 -0800
From: Jay Hennigan <jay@west.net>
To: nanog@merit.edu
In-Reply-To: <Pine.GSO.4.62.0601121010260.20115@qentba.nf23028.arg>
Errors-To: owner-nanog@merit.edu
Rob Thomas wrote:
> Hi, NANOGers.
>
> ] On the other hand, the most common practice to hack routers today, is
> ] still to try and access the devices with the notoriously famous default
> ] login/password for Cisco devices: cisco/cisco.
>
> This is NOT a default password in the IOS. The use of "cisco" as
> the access and enable passwords is a common practice by users, but
> it isn't bundled in the IOS. I've heard it began in training
> classes, where students were taught to use "cisco" as the
> passwords.
Actually, and fairly recently, this IS a default password in IOS. New
out-of-box 28xx series routers have cisco/cisco installed as the default
password with privilege 15 (full access). This is a recent development.
To be fair, the box also has a huge default login banner urging the user
to delete that username/password pair. But we all know how much
attention is paid to huge, verbose banners, disclaimers, click-to-agree
dialog boxes, etc.
--
Jay Hennigan - CCIE #7880 - Network Administration - jay@west.net
NetLojix Communications, Inc. - http://www.netlojix.com/
WestNet: Connecting you to the planet. 805 884-6323
