DPE - Default Password Enumeration standarization released

["SD List" <list () security-database com>]

Dear all,

We are again proud and happy to announce that we have just launched a new
Enumeration Project with the hope it will be useful for the security
community.

It can then be used along with softwares that integrates standards as well
as OVAL, SCAP and others.

DPE is the security-database naming scheme that provides structured
enumeration of default logons and passwords of network devices,
applications and Operating Systems.

The main goal is to increase the "password auditing scanners"
interoperability potential. Any kind of tool integrating the XML DPE
scheme will be able to identify and report default access configurations
on specific devices, softwares or operating systems.

Taking into account the benefits of SecurityMetrics standards principles,
DPE integrates the CPE naming scheme (cpe.mitre.org) to describe
information technology systems, plateforms and packages.

DPE provides the default usernames and passwords information for the
following :

- Operating Systems : Unix, Linux, Windows, iSeries AS/400 ...
- Network devices : Routers, firewalls, switches, printers
- Databases : Oracle, MySQL, MS SQL and more
- Web applications : WebSphere, Apache ...
- Administrative Web Based solutions
- Telephony devices and SIP systems
- Other: specific applicances.

See online : More Information and DPE Scheme
(www.security-database.com/dpe.php)

We are opened to all your suggestions and contributions to compile this
schema and associated repositories.

Regards

security-database.com team

www.security-database.com


------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes in 
Securing Web Applications
Get 45 Min Video and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------