Cisco, haven't we learned anything? (technician reset)

• Previous message (by thread): Cisco, haven't we learned anything? (technician reset)
• Next message (by thread): Cisco, haven't we learned anything? (technician reset)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Rob Thomas wrote:

> Hi, NANOGers.
> 
> ] On the other hand, the most common practice to hack routers today, is
> ] still to try and access the devices with the notoriously famous default
> ] login/password for Cisco devices: cisco/cisco.
> 
> This is NOT a default password in the IOS.  The use of "cisco" as
> the access and enable passwords is a common practice by users, but
> it isn't bundled in the IOS.  I've heard it began in training
> classes, where students were taught to use "cisco" as the
> passwords.

Actually, and fairly recently, this IS a default password in IOS.  New 
out-of-box 28xx series routers have cisco/cisco installed as the default 
password with privilege 15 (full access).  This is a recent development.

To be fair, the box also has a huge default login banner urging the user 
to delete that username/password pair.  But we all know how much 
attention is paid to huge, verbose banners, disclaimers, click-to-agree 
dialog boxes, etc.

-- 
Jay Hennigan - CCIE #7880 - Network Administration - jay at west.net
NetLojix Communications, Inc.  -  http://www.netlojix.com/
WestNet:  Connecting you to the planet.  805 884-6323

• Previous message (by thread): Cisco, haven't we learned anything? (technician reset)
• Next message (by thread): Cisco, haven't we learned anything? (technician reset)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]