Vulnerability Development mailing list archives

Re: default passwords...partII

From: joe () NOWALLS COM (Joe Jenkins)
Date: Wed, 5 Jul 2000 09:21:07 -0600


I can host it on my webserver, if you want.  I already have a database back
end and people have been posting to it.  Let me know what you want to do,
and if we set it up there, i'll code more functionality into it.  Currently:
http://www.nerdnet.com/security/index.php
Is the list system, and I will add more code, and all the passwd lists I
have to it (including those I got off the list here.)

Joe

-----Original Message-----
From: VULN-DEV List [mailto:VULN-DEV () SECURITYFOCUS COM]On Behalf Of
Daniel SALAGEAN
Sent: Tuesday, July 04, 2000 7:59 PM
To: VULN-DEV () SECURITYFOCUS COM
Subject: Re: default passwords...partII

On Wed, 5 Jul 2000, Roelof Temmingh wrote:

All,

Thanks again for all the replies - I have tried to put everything on

there, and

give credit where needed:

http://wips.sensepost.com/defaultpasswords.html

Some things - my idea with the list was not to include default Unix/VMS/MS
usernames and passwords - I have seen some of those around, and I have no

need

to replicate it. My idea was also not to include BIOS passwords for the

same

reason.

The list is furthermore not a complete list - some of the passwords need
console access and some need special ports. I have included some of this
information - but heck - you can figure out yourselves (port scans etc).

If

someone wants to redo the list with SNMP community names, special notes,

etc.

etc. I am sure it will be appreciated. I publish my list and will try to

keep

it up to date. The idea is not to make the list my own but rather to get

the

ppl on here to help me/someone to build the list - to get the damn list
mirrored on a few sites so that search thingies pick them up.

Maybe someone with some time on hands will register

www.defaultpasswords.com:)

, and add BIOS/Unix/VMS/MS/CMP/Oracle/SQL/IIS/etc/etc defaults to it with

nice front end - that would be great.. I just want it to exists. Joe

Jenkins

has a nice page for this: http://www.nerdnet.com/security/index.php. Maybe

we

can get this replicated somewhere?


OK..I registered that domain, it will be up in 24h. I can give some space
for hosting, but I need the page to post it, 'cause I don't have really
that much time :) So, who wanna do it, please email it to me.

Domain Names Registered:
defaultpasswords.com
defaultpasswords.net

Best regards,

                      L i n u x   S e c u r i t y   S y s t e m s
                                    Daniel SALAGEAN
                                 Romania Division CEO
                      tel: +40 (93) 412-832    email: danys () lss ro

Current thread:

Re: Default passwords, (continued)
- - - Re: Default passwords Cold Fire (Jul 03)
    - default password list - round 1. Roelof Temmingh (Jul 04)
    - Re: default password list - round 1. Jonathan Leto (Jul 04)
    - Maximum Linux Security (d/l) Arturo Busleiman (Jul 04)
    - Re: Maximum Linux Security (d/l) Korhan Gurler (Jul 04)
    - RES: Maximum Linux Security (d/l) Guilherme Mesquita (Jul 04)
    - Re: RES: Maximum Linux Security (d/l) Richard Rager (Jul 04)
    - Any Critical Path N-Plex vulnerabilities ? Juan M. Courcoul (Jul 05)
    - default passwords...partII Roelof Temmingh (Jul 04)
    - Re: default passwords...partII Daniel SALAGEAN (Jul 04)
    - Re: default passwords...partII Joe Jenkins (Jul 05)
    - Re: default passwords...partII Daniel SALAGEAN (Jul 05)
    - Re: default passwords...partII CouNT (Jul 06)
    - Re: default passwords...partII Max Vision (Jul 04)
    - Formatting bugs (was BitchX /ignore bug) Kotz (Jul 04)
    - Re: Maximum Linux Security (d/l) Renato Murilo Langona (Jul 04)
    - BitchX /ignore bug Rick Jansen (Jul 04)
    - Re: BitchX /ignore bug Blue Boar (Jul 04)
    - Re: BitchX /ignore bug Ron DuFresne (Jul 05)
    - Re: BitchX /ignore bug nohican () MARCELLA NIETS ORG (Jul 05)
    - Re: BitchX /ignore bug Steve Mosher (Jul 05)

(Thread continues...)