[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[NOISE] Bad key management



>From RISKS:

------------------------------

Date: Tue, 23 Jan 1996 20:32:37 -0500 (EST)
From: Ed Ravin <[email protected]>
Subject: I won't tell if you won't...

I just found this browsing through a router manufacturer's "Frequently
Asked Questions" file:

   Q3       I have a bridge/router, and I have forgotten my password.  I am
   no longer able to log in and configure the device(s).  What do I do
   now?

   Do not panic! Enter the following password at the password
   prompt:XYZZYHIMOM.  This should get you into the unit.  Notice!! This is
   a back door to the units, and should not be made available to people
   who do not need to know about it!

And I don't even own one of these routers -- I found this in a reseller's
online catalog.  Back doors in devices that are often hooked directly to
external networks are a Bad Idea, if you ask me.  At least the manufacturer
documented it...

(password above changed to protect the guilty)

Ed Ravin  +1 212 678 5545  [email protected]

------------------------------

-------------------------------------------------------------------------
Steven Weller                      |  "The Internet, of course, is more
                                   |  than just a place to find pictures
                                   |  of people having sex with dogs."
[email protected]                   |       -- Time Magazine, 3 July 1995