[87863] in North American Network Operators' Group
Re: Cisco, haven't we learned anything? (technician reset)y
daemon@ATHENA.MIT.EDU (Martin Hannigan)
Thu Jan 12 20:50:56 2006
From: Martin Hannigan <hannigan@world.std.com>
To: william@elan.net ("william(at)elan.net")
Date: Thu, 12 Jan 2006 20:41:44 -0500 (EST)
Cc: jay@west.net (Jay Hennigan), nanog@merit.edu
In-Reply-To: <Pine.LNX.4.62.0601121656350.11476@sokol.elan.net> from "william(at)elan.net" at Jan 12, 2006 05:08:36 PM
Errors-To: owner-nanog@merit.edu
>
>
>
> > Actually, and fairly recently, this IS a default password in IOS. New
> > out-of-box 28xx series routers have cisco/cisco installed as the default
> > password with privilege 15 (full access). This is a recent development.
>
> This is hardly only cisco's problem. Most office routers I've dealt with
> also come with default username/password and on occasions when I dealt
> with existing installation those passwords have rarely been changed.
>
> What should really be done (BCP for manufactures ???) is have default
> password based on unit's serial number. Since most routers provide this
> information (i.e. its preset on the chip's eprom) I don't understand
> why its so hard to just create simple function as part of software to
> use this data if the password is not otherwise set.
Ex: Thot's how a Netscreen 5 works after a reset. The password is the
serial # if I remember correctly.
-M<
