nanog mailing list archives

Re: UBNT Security was Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE

From: Brielle Bruns <bruns () 2mbit com>
Date: Mon, 2 Apr 2018 15:37:37 -0600

On 4/2/2018 3:23 PM, Mike Hammett wrote:

I believe at one point UBNT did block outside management access, but then their customers voiced to bring it back.

That said, I think they're taking security more seriously going forward.

I'm not entirely sure what Ubnt has changed lately, because I'm not auser of the Air* product lines (usually used by the WISPs), but I knowon, for example the Unifi stuff, while the default password is ubnt/ubntfor the devices, as soon as they are paired with a controller, thepassword is set to a random long strong (on a per site basis).

I seem to remember on new EdgeRouter devices they do have you change thedefault password during initial web setup. CLI stuff, I think stillhave to manually change it from the default.


So yeah, big improvements.

That being said, either way, providers that fail to even basic setuptasks like changing the default password do deserve what happens to them.

(Note: I heavily use Ubnt's Unifi and Edge* product lines, so I'mprobably biased in one way or another.)



--
Brielle Bruns
The Summit Open Source Development Group
http://www.sosdg.org    /     http://www.ahbl.org

Current thread:

Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE, (continued)
- - - Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE Seth Mattinen (Apr 02)
    - Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE nop (Apr 02)
    - Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE John R. Levine (Apr 02)
    - Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE Alan Buxey (Apr 02)
    - Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE James R Cutler (Apr 02)
    - Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE Mike Hammett (Apr 02)
    - Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE Hank Nussbacher (Apr 02)
    - Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE Florian Weimer (Apr 02)
    - Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE Brielle Bruns (Apr 02)
    - UBNT Security was Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE Mike Hammett (Apr 02)
    - Re: UBNT Security was Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE Brielle Bruns (Apr 02)
    - Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE Rhys Williams (Apr 03)
    - Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE Stephen Satchell (Apr 03)
    - Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE Justin Wilson (Apr 02)
    - Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE Jason Kuehl (Apr 02)
    - Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE Matt Hoppes (Apr 02)
    - Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE Jason Kuehl (Apr 02)
    - Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE Marty Strong via NANOG (Apr 02)
    - Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE John Levine (Apr 02)
    - Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE Brett Watson (Apr 02)
    - Re: Cloudflare 1.1.1.1 public DNS broken w/ AT&T CPE mike . lyon (Apr 02)

(Thread continues...)