Cisco, haven't we learned anything? (technician reset)
william(at)elan.net
william at elan.net
Fri Jan 13 01:52:07 UTC 2006
On Thu, 12 Jan 2006, Jay Hennigan wrote:
>> What should really be done (BCP for manufactures ???) is have default
>> password based on unit's serial number. Since most routers provide this
>> information (i.e. its preset on the chip's eprom) I don't understand
>> why its so hard to just create simple function as part of software to use
>> this data if the password is not otherwise set.
>
> The old-school Cisco way works for me. Default is no password if you have
> physical access, but no remote access.
That works too and is most secure way.
But its often enough that small offices would not have person who can fix
the system and its not always possible to get network guy to come in right
a way. It is good for those cases to be able to ask somebody onsite to just
look at the back and dictate the serial# by phone.
--
William Leibzon
Elan Networks
william at elan.net
More information about the NANOG
mailing list