Home page logo

nanog logo nanog mailing list archives

RE: Default Passwords for World Wide Packets/Lightning Edge Equipment
From: "Nick Hale" <nhale () softlayer com>
Date: Wed, 6 Jan 2010 18:13:28 -0600

I think the vendor you're thinking of was Cabletron (now Enterasys).  I
had to call them and give them the Serial Number for them to provide me
with the default password to the system after a hard reset (this was for
an ELS100-24TXG 'switch').


-----Original Message-----
From: Jeffrey I. Schiller [mailto:jis () MIT EDU] 
Sent: Wednesday, January 06, 2010 17:24
To: Matthew Palmer
Cc: nanog () nanog org
Subject: Re: Default Passwords for World Wide Packets/Lightning Edge

Hash: SHA1

An option I saw years ago (I forgot on whose equipment) was a default
password which was a function of the equipment's serial number. So you
had to have the algorithm and you needed the serial number which was not
related to the MAC. So if you didn't have physical access, you were not
in a good position to learn the password.

I suspect this was a support nightmare for the vendor and I bet they
went to a more standard (read: the same) factory password.

At the end of the day, minimizing support costs for the vendor (not to
mention likely annoyance for the customer) trumps providing "default"
security for the folks who won't change the default password.


Matthew Palmer wrote:
On Wed, Jan 06, 2010 at 08:26:25AM +0000, Dobbins, Roland wrote:
Does anyone know the default passwords for World Wide Packets 427
and 311v switches?
One should think the fact that there are default passwords at all
should be a cause for alarm, in and of itself.

As much as they're a definite security risk, I can't imagine what
option there is.  The closest I can come to a solution is to set a
password and flash it using a front-panel LED using morse.  <grin>

- Matt

- --
Jeffrey I. Schiller
MIT Network Manager/Security Architect
PCI Compliance Officer
Information Services and Technology
Massachusetts Institute of Technology
77 Massachusetts Avenue  Room W92-190
Cambridge, MA 02139-4307
617.253.0161 - Voice
jis () mit edu
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]