Default Passwords for World Wide Packets/Lightning Edge Equipment
nathan at atlasnetworks.us
Wed Jan 6 09:49:47 UTC 2010
> Right - what I'm saying is the fact that there are default passwords at
> all is horribly insecure, and that the vendor in question should be
> prodded to change this dangerous practice.
I don't see how there's a security problem with equipment coming from the factory with factory default passwords.
In my opinion, a breach caused by a reset of equipment to default configuration/passwords would suggest far more basic security issues, which are not at all mitigated by eliminating the existence of default passwords.
I generally try to mitigate the issues further down the stack. I doubt factory default passwords are going anywhere, but even if they did go away, I would still strictly control access to my management interfaces, as well as the reset holes on my equipment, and so I would argue that I would be no more or less secure than I am now.
But maybe I'm missing something?
More information about the NANOG