Subject: Re: default password list (3Com switches)
From: Tymm Twillman (tymmCOE.MISSOURI.EDU)
Date: Mon Jul 10 2000 - 20:56:19 CDT


Well, this is one of those "documented but not all that often read"
dealies. It's right there in the manual.

However, the other obnoxious thing that those who don't read the manual
also don't find out is that by default these switches will use DHCP to get
an IP address and default route. So, yeah, those who think of
switches as a drop-in-and-ignore solution, they're leaving themselves open
to some nice DoS attacks (Hey, let's shut down all the ports on this here
switch...) and other fun games.

Anyhow, at least in my opinion, any networking hardware that has an RS232
port should be plugged into and poked at a bit before being thrown into
production. Generally the first thing I do with stuff like this is disable
DHCP/external network access to management features and set up a serial
concentrator on a secure host for management.

Much more fun, btw, is Alteons, which also DHCP, where folks don't change
the password ("admin") and leave the web config util running. Point and
click your way to some real fun -- of course there's also a nice CLI
w/telnet access.

-Tymm

On Mon, 10 Jul 2000, Luis Pinto wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> I think these haven't shown up, so here they are:
>
> Default passwords for 3Com Superstack Switch II (1100 and 3300, possibly
> others):
>
> Monitor access level:
> username: monitor
> password: monitor
>
> Manager access level:
> username: manager
> password: manager
>
> Security access level:
> username: admin
> password: <no password>
>
> or:
> username: security
> password: security
>
>
> My apologies if it is not new...
>
> Regards,
> Luis Pinto
> - --------------------------------------------------------------------------
> http://student.dei.uc.pt/~lmpinto ICQ #15663369 Finger for PGP key
> - --------------------------------------------------------------------------
> Writing about music is like dancing about architecture.
> -- Frank Zappa
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP 6.5.1i
>
> iQA/AwUBOWoQvYfF8HgH+Y51EQKLbQCfZgbD3RT323bLtjyCBSEkJXId6oQAoPpp
> A3vy804VHSHYPVkv4ianecbO
> =HD1u
> -----END PGP SIGNATURE-----
>