UBNT Security was Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE

Brielle Bruns bruns at 2mbit.com
Mon Apr 2 21:37:37 UTC 2018


On 4/2/2018 3:23 PM, Mike Hammett wrote:
> I believe at one point UBNT did block outside management access, but then their customers voiced to bring it back.
> 
> That said, I think they're taking security more seriously going forward.


I'm not entirely sure what Ubnt has changed lately, because I'm not a 
user of the Air* product lines (usually used by the WISPs), but I know 
on, for example the Unifi stuff, while the default password is ubnt/ubnt 
for the devices, as soon as they are paired with a controller, the 
password is set to a random long strong (on a per site basis).

I seem to remember on new EdgeRouter devices they do have you change the 
default password during initial web setup.  CLI stuff, I think still 
have to manually change it from the default.

So yeah, big improvements.

That being said, either way, providers that fail to even basic setup 
tasks like changing the default password do deserve what happens to them.

(Note: I heavily use Ubnt's Unifi and Edge* product lines, so I'm 
probably biased in one way or another.)


-- 
Brielle Bruns
The Summit Open Source Development Group
http://www.sosdg.org    /     http://www.ahbl.org


More information about the NANOG mailing list