Penetration Testing mailing list archives

RE: Default Admin Account

From: "Prodigi Child" <prodigi.child () gmail com>
Date: Wed, 4 Feb 2009 01:38:49 -0600

On the default admin accounts on US Military machines, I think that poor (or
even negligent) security is no excuse for a compromising a system. To borrow
from the port scanning debates, leaving my front door wide open doesn't give
someone permission to invade my home.



-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of J.Hart, Elec.Eng.Tech.
Sent: Monday, February 02, 2009 10:49 AM
To: pen-test () securityfocus com
Subject: Default Admin Account

Hey all,

I have been following the Gary McKinnon case for years now.
My interest is in the legal area of penetration testing and the
evolution of cyber law.
What do IT Security experts and pen-testers think about the default
administration account on the US Military machines? You can read about
the case here http://freegary.org.uk/

-- 
"For the best in web site design - StarNET
http://www.s-t-a-r.net

Current thread:

Default Admin Account J.Hart, Elec.Eng.Tech. (Feb 03)
- RE: Default Admin Account Prodigi Child (Feb 05)
  - Re: Default Admin Account J. Oquendo (Feb 09)
    - RE: Default Admin Account Prodigi Child (Feb 10)
    - Re: Default Admin Account David Howe (Feb 11)
- Message not available
  - Re: Default Admin Account J.Hart, Elec.Eng.Tech. (Feb 05)
    - Re: Default Admin Account Paul Slade (Feb 10)
    - RE: Default Admin Account Levenglick, Jeff (Feb 10)
    - Re: Default Admin Account R. DuFresne (Feb 10)
    - Re: Default Admin Account M.D.Mufambisi (Feb 10)
    - Re: Default Admin Account J. Oquendo (Feb 11)
    - Re: Default Admin Account J.Hart, Elec.Eng.Tech. (Feb 11)

(Thread continues...)