Cisco, haven't we learned anything? (technician reset)
Jay Hennigan
jay at west.net
Fri Jan 13 00:35:03 UTC 2006
Rob Thomas wrote:
> Hi, NANOGers.
>
> ] On the other hand, the most common practice to hack routers today, is
> ] still to try and access the devices with the notoriously famous default
> ] login/password for Cisco devices: cisco/cisco.
>
> This is NOT a default password in the IOS. The use of "cisco" as
> the access and enable passwords is a common practice by users, but
> it isn't bundled in the IOS. I've heard it began in training
> classes, where students were taught to use "cisco" as the
> passwords.
Actually, and fairly recently, this IS a default password in IOS. New
out-of-box 28xx series routers have cisco/cisco installed as the default
password with privilege 15 (full access). This is a recent development.
To be fair, the box also has a huge default login banner urging the user
to delete that username/password pair. But we all know how much
attention is paid to huge, verbose banners, disclaimers, click-to-agree
dialog boxes, etc.
--
Jay Hennigan - CCIE #7880 - Network Administration - jay at west.net
NetLojix Communications, Inc. - http://www.netlojix.com/
WestNet: Connecting you to the planet. 805 884-6323
More information about the NANOG
mailing list