Default Passwords for World Wide Packets/Lightning Edge Equipment

Nathan Eisenberg nathan at atlasnetworks.us
Wed Jan 6 09:49:47 UTC 2010


> Right - what I'm saying is the fact that there are default passwords at
> all is horribly insecure, and that the vendor in question should be
> prodded to change this dangerous practice.

I don't see how there's a security problem with equipment coming from the factory with factory default passwords. 

In my opinion, a breach caused by a reset of equipment to default configuration/passwords would suggest far more basic security issues, which are not at all mitigated by eliminating the existence of default passwords.

I generally try to mitigate the issues further down the stack.  I doubt factory default passwords are going anywhere, but even if they did go away, I would still strictly control access to my management interfaces, as well as the reset holes on my equipment, and so I would argue that I would be no more or less secure than I am now.

But maybe I'm missing something?

Best Regards,
Nathan Eisenberg





More information about the NANOG mailing list