[87864] in North American Network Operators' Group
Re: Cisco, haven't we learned anything? (technician reset)
daemon@ATHENA.MIT.EDU (william(at)elan.net)
Thu Jan 12 20:53:04 2006
Date: Thu, 12 Jan 2006 17:52:07 -0800 (PST)
From: "william(at)elan.net" <william@elan.net>
To: Jay Hennigan <jay@west.net>
Cc: nanog@merit.edu
In-Reply-To: <43C70514.3030508@west.net>
Errors-To: owner-nanog@merit.edu
On Thu, 12 Jan 2006, Jay Hennigan wrote:
>> What should really be done (BCP for manufactures ???) is have default
>> password based on unit's serial number. Since most routers provide this
>> information (i.e. its preset on the chip's eprom) I don't understand
>> why its so hard to just create simple function as part of software to use
>> this data if the password is not otherwise set.
>
> The old-school Cisco way works for me. Default is no password if you have
> physical access, but no remote access.
That works too and is most secure way.
But its often enough that small offices would not have person who can fix
the system and its not always possible to get network guy to come in right
a way. It is good for those cases to be able to ask somebody onsite to just
look at the back and dictate the serial# by phone.
--
William Leibzon
Elan Networks
william@elan.net
