Default Passwords for World Wide Packets/Lightning Edge Equipment

Jeffrey I. Schiller jis at MIT.EDU
Wed Jan 6 23:24:26 UTC 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

An option I saw years ago (I forgot on whose equipment) was a default
password which was a function of the equipment's serial number. So you
had to have the algorithm and you needed the serial number which was not
related to the MAC. So if you didn't have physical access, you were not
in a good position to learn the password.

I suspect this was a support nightmare for the vendor and I bet they
went to a more standard (read: the same) factory password.

At the end of the day, minimizing support costs for the vendor (not to
mention likely annoyance for the customer) trumps providing "default"
security for the folks who won't change the default password.

			-Jeff

Matthew Palmer wrote:
> On Wed, Jan 06, 2010 at 08:26:25AM +0000, Dobbins, Roland wrote:
>>> Does anyone know the default passwords for World Wide Packets 427 and 311v switches?
>> One should think the fact that there are default passwords at all should be a cause for alarm, in and of itself.
> 
> As much as they're a definite security risk, I can't imagine what other
> option there is.  The closest I can come to a solution is to set a random
> password and flash it using a front-panel LED using morse.  <grin>
> 
> - Matt
> 

- --
========================================================================
Jeffrey I. Schiller
MIT Network Manager/Security Architect
PCI Compliance Officer
Information Services and Technology
Massachusetts Institute of Technology
77 Massachusetts Avenue  Room W92-190
Cambridge, MA 02139-4307
617.253.0161 - Voice
jis at mit.edu
http://jis.qyv.name
========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFLRRuk8CBzV/QUlSsRAuEEAJ4vFWYnMqK3AP1q9y46HzIIMeasoQCfSAkb
CobOYgNelNkZL2ePmd6jwpM=
=zBKR
-----END PGP SIGNATURE-----




More information about the NANOG mailing list