nanog mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Default Passwords for World Wide Packets/Lightning Edge Equipment

From: Nathan Eisenberg <nathan () atlasnetworks us>
Date: Wed, 6 Jan 2010 01:49:47 -0800
Right - what I'm saying is the fact that there are default passwords at
all is horribly insecure, and that the vendor in question should be
prodded to change this dangerous practice.


I don't see how there's a security problem with equipment coming from the factory with factory default passwords. 

In my opinion, a breach caused by a reset of equipment to default configuration/passwords would suggest far more basic 
security issues, which are not at all mitigated by eliminating the existence of default passwords.

I generally try to mitigate the issues further down the stack.  I doubt factory default passwords are going anywhere, 
but even if they did go away, I would still strictly control access to my management interfaces, as well as the reset 
holes on my equipment, and so I would argue that I would be no more or less secure than I am now.

But maybe I'm missing something?

Best Regards,
Nathan Eisenberg
Previous By Date Next
Previous By Thread Next

Current thread: