On Jan 6, 2010, at 4:43 AM, George Bonser wrote:
-----Original Message-----
having physical access pretty much trumps any other security measure.
The fact that there's a factory default means that lots of folks won't change it when they configure the unit with an IP address; they follow this with failing to implement iACLs, and it's pw3nt1me!
I suppose it is a philosophical thing with me. I don't believe in protecting people from their own stupidity. If you try to enforce that, you end up with organizations making up their own "default" passwords which can be little better than manufacturer defaults.
They're much better, since one guess doesn't suffice for all devices; see http://ids.ftw.fm/Home/publications/RouterScan-RAID09-Poster.pdf?attredirect... for some indication of just how bad the problem can be. And we all suffer from p0wned devices, because they get turned into bots. Roland is 100% right. --Steve Bellovin, http://www.cs.columbia.edu/~smb
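The thread's two points, that factory defaults left in place and a single org-wide "default" reused on every box are both problems, but that the latter at least means one guess does not open every device, can be checked mechanically. The following is an added example, not code from any of the posters: a small audit over a constructed device inventory that flags factory-default and shared credentials, plus a per-device credential derivation (HMAC of a master secret over the hostname) so that no two devices share a password. The inventory, hostnames and the "factory default" list are constructed placeholders, not real vendor values.

```python
import hmac
import hashlib
from collections import Counter

# Constructed inventory of (hostname, management password); not real devices.
INVENTORY = [
    ("core-rtr-1", "admin"),            # factory default, also shared
    ("core-rtr-2", "admin"),
    ("edge-rtr-1", "OrgDefault2010"),   # org-wide "default", shared by three
    ("edge-rtr-2", "OrgDefault2010"),
    ("edge-rtr-3", "OrgDefault2010"),
    ("lab-sw-1", "q7!Lm2xZ"),           # unique, no finding
]

# Constructed placeholder standing in for a vendor's published factory defaults.
FACTORY_DEFAULTS = {"admin", "password", "default"}


def audit(inventory, factory_defaults=FACTORY_DEFAULTS):
    """Return {hostname: [findings]} for devices whose password is a
    factory default or is shared with other devices in the inventory."""
    counts = Counter(pw for _, pw in inventory)
    findings = {}
    for host, pw in inventory:
        issues = []
        if pw in factory_defaults:
            issues.append("factory-default")
        if counts[pw] > 1:
            issues.append(f"shared-by-{counts[pw]}")
        if issues:
            findings[host] = issues
    return findings


def derive_device_password(master_secret: bytes, hostname: str, length: int = 20) -> str:
    """Deterministic per-device password: HMAC-SHA256(master_secret, hostname),
    mapped onto an alphabet without visually ambiguous characters. Each device
    gets a distinct value, so one guess never covers the whole fleet, and the
    operator only has to protect the master secret."""
    digest = hmac.new(master_secret, hostname.encode(), hashlib.sha256).digest()
    alphabet = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjkmnpqrstuvwxyz23456789"
    return "".join(alphabet[b % len(alphabet)] for b in digest)[:length]


def rekeyed_inventory(inventory, master_secret: bytes):
    """Rebuild the inventory with a derived, unique password per hostname."""
    return [(host, derive_device_password(master_secret, host)) for host, _ in inventory]


if __name__ == "__main__":
    for host, issues in sorted(audit(INVENTORY).items()):
        print(f"{host}: {', '.join(issues)}")
    fixed = rekeyed_inventory(INVENTORY, b"constructed-master-secret")
    print("findings after re-keying:", audit(fixed))
```

Running the audit on the constructed inventory reports the two `admin` routers as both factory-default and shared, the three `OrgDefault2010` routers as shared only, and nothing for the lab switch; after re-keying with the HMAC derivation the audit returns no findings.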