mailing list archives
Re: Default SSL Keys in Multiple Routers
From: "Thor (Hammer of God)" <thor () hammerofgod com>
Date: Mon, 20 Dec 2010 16:36:15 +0000
LOL. Yeah, it seems like I get myself in this cycle of "OMG, really?" followed by "maybe people are starting to learn"
and then back to disappointment.
To be honest, this was something that I never really considered (shared, persistent keys on routers). In hindsight, it
seems like an obvious concern, but it is still interesting.
From: Michal Zalewski [mailto:lcamtuf () coredump cx]
Sent: Monday, December 20, 2010 8:16 AM
To: Thor (Hammer of God)
Cc: Craig Heffner; full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] Default SSL Keys in Multiple Routers
These manufacturers use the same key on each of their models? That
seems ridiculous to me...
As a person who had a Siemens AP / router with a hardcoded, hidden
"management" account on it, I find your surprise entertaining ;-)
Craig, cool project.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/