Member Avatar

Interesting article:
http://www.cisco.com/warp/public/707/cisco-sa-20040407-username.shtml

Any of you system admins out there with Cisco hardware should give this a serious read.

Recommended Answers

All 3 Replies

Wow.

How dumb is this? You'd think that in this day and age with all of these security fears we've got going around, Cisco of all places, which offers a FREAKING INTERNET SECURITY CERTIFICATION would have thought better than to hard-code a username/password pair into their firmware.

Ah well... at least they released a patch... :rolleyes:

APC has done the same thing too. It is really disturbing that these big companies would include such backdoors. All it takes is one disgruntled employee to cause a lot of havoc. Sure, the developers of the systems would know of bugs, and other exploits as they did create the product, but setting up a straight-forward backdoor is a bit much.

Member Avatar

Agreed. One disgruntled employee (bad apple) can spoil the lot. Why would they include it in their hardware? Sounds like leaving the key underneath the doormat if you know what I mean...and then putting up a sign with an arrow that points under the mat and says "key" (pink neon, blink blink, blinkety blink)

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, learning, and sharing knowledge.