Interesting article:
http://www.cisco.com/warp/public/707/cisco-sa-20040407-username.shtml
Any of you system admins out there with Cisco hardware should give this a serious read.
TKSS
Recommended Answers
Jump to PostWow.
How dumb is this? You'd think that in this day and age with all of these security fears we've got going around, Cisco of all places, which offers a FREAKING INTERNET SECURITY CERTIFICATION would have thought better than to hard-code a username/password pair into their firmware.
Ah …
All 3 Replies
alc6379
120
Cookie... That's it
Team Colleague
Wow.
How dumb is this? You'd think that in this day and age with all of these security fears we've got going around, Cisco of all places, which offers a FREAKING INTERNET SECURITY CERTIFICATION would have thought better than to hard-code a username/password pair into their firmware.
Ah well... at least they released a patch... :rolleyes:
i686-linux
75
Posting Whiz in Training
APC has done the same thing too. It is really disturbing that these big companies would include such backdoors. All it takes is one disgruntled employee to cause a lot of havoc. Sure, the developers of the systems would know of bugs, and other exploits as they did create the product, but setting up a straight-forward backdoor is a bit much.
TKSS
Agreed. One disgruntled employee (bad apple) can spoil the lot. Why would they include it in their hardware? Sounds like leaving the key underneath the doormat if you know what I mean...and then putting up a sign with an arrow that points under the mat and says "key" (pink neon, blink blink, blinkety blink)
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.