Greetings,
LONG VERSION:
I have recently inherited the management of an undocumented network (failed FTTH provider) which utilizes World Wide Packets' LightningEdge 427 (16 port GBIC switch) and 311v (24/4 port Ethernet/GBIC switch) switches. We've swapped out a 427 so that we can rebuild it, push it back into the network, and repeat, until everything is under our control.
Trouble is, the lack of documentation extends to passwords, the nature of which preclude any hope of getting in to the switch without resetting to defaults. Fortunately, I can do this without issue, since it is not in active service.
I reset a spare 311v to defaults, but cannot log in to it with any of the logical default passwords. I can only assume the same will be true of the 427.
Sadly, it seems World Wide Packets is now owned by a new company, who will not provide simple documentation without a full support contract. I got them to grudgingly provide the documentation for the customer premise devices (LightningEdge 47's), but my pleas for the switch documentation (and the management software that I believe WWP provided for free) has fallen on deaf ears. I don't have the budget to blow on a support contract just to get one default password (Who would?).
SHORT VERSION:
Does anyone know the default passwords for World Wide Packets 427 and 311v switches?
I will most definitely owe anyone with an answer a beer or four next time they visit Seattle. By the way, the default username/password for the LightningEdge 47 and other WWP CPEs is su/pureethernet. Hopefully that will save someone else some pain. 
Best Regards,
Nathan Eisenberg
One should think the fact that there are default passwords at all should be a cause for alarm, in and of itself.
One should think the fact that there are default passwords at all
should be a cause for alarm, in and of itself.
I must not have been very clear. I'm resetting these switches to factory defaults using the hardware reset button, and attempting to log in using whatever the factory default passwords are. No cause for alarm - the devices as deployed DO NOT have the default passwords on them (probably... without having the factory default passwords for the devices, it's hard to say...)
Anyways, does that make sense?
Right - what I'm saying is the fact that there are default passwords at all is horribly insecure, and that the vendor in question should be prodded to change this dangerous practice.
After weeks on banging my head on this, I figure it out within an hour of posting it to NANOG. You guys are good luck!
For future reference/Google, the factory default password for (at least the LightningEdge 427 - not sure about the 311v yet) these switches is: su/wwp. Obviously, you should change this prior to deployment!
Best Regards,
Nathan Eisenberg
Did you try to get in touch with Ciena people? I'm sure they will be comprehensive about how you get their products (not being exactly a customer).
You could maybe even get an access to products' documentation without providing S/N: https://portal.ciena.com/AccountRequest/index.aspx?mode=MgsZFb3Brzo=
I didn't try myself, but I guess getting the full documentation is worth it.
Ben
Nathan Eisenberg a �crit :
As much as they're a definite security risk, I can't imagine what other
option there is. The closest I can come to a solution is to set a random
password and flash it using a front-panel LED using morse. <grin>
- Matt
heh
No password at all, operator prompted at the console during startup unless/until he sets one. No IP address, et. al. until a password is set.
Right - what I'm saying is the fact that there are default passwords
at
all is horribly insecure, and that the vendor in question should be
prodded to change this dangerous practice.
How is that a risk in any way? Considering that one must have physical
access to reset the unit to factory default, having physical access
pretty much trumps any other security measure.
The fact that there's a factory default means that lots of folks won't change it when they configure the unit with an IP address; they follow this with failing to implement iACLs, and it's pw3nt1me!
;>
> having physical access pretty much trumps any other security
measure.
The fact that there's a factory default means that lots of folks won't
change it when they configure the unit with an IP address; they follow
this with failing to implement iACLs, and it's pw3nt1me!
I suppose it is a philosophical thing with me. I don't believe in
protecting people from their own stupidity. If you try to enforce that,
you end up with organizations making up their own "default" passwords
which can be little better than manufacturer defaults.
Right - what I'm saying is the fact that there are default passwords at
all is horribly insecure, and that the vendor in question should be
prodded to change this dangerous practice.
I don't see how there's a security problem with equipment coming from the factory with factory default passwords.
In my opinion, a breach caused by a reset of equipment to default configuration/passwords would suggest far more basic security issues, which are not at all mitigated by eliminating the existence of default passwords.
I generally try to mitigate the issues further down the stack. I doubt factory default passwords are going anywhere, but even if they did go away, I would still strictly control access to my management interfaces, as well as the reset holes on my equipment, and so I would argue that I would be no more or less secure than I am now.
But maybe I'm missing something?
Best Regards,
Nathan Eisenberg
Yeah. And for devices with no console, only network interfaces, a
default IP address, no default password, and no default route (just in
case they plug it into a real LAN instead of a laptop. 
).
They're much better, since once guess doesn't suffice for all devices; see http://ids.ftw.fm/Home/publications/RouterScan-RAID09-Poster.pdf?attredirects=0 for some indication of just how bad the problem can be. And we all suffer from p0wned devices, because they get turned into bots. Roland is 100% right.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
An option I saw years ago (I forgot on whose equipment) was a default
password which was a function of the equipment's serial number. So you
had to have the algorithm and you needed the serial number which was not
related to the MAC. So if you didn't have physical access, you were not
in a good position to learn the password.
I suspect this was a support nightmare for the vendor and I bet they
went to a more standard (read: the same) factory password.
At the end of the day, minimizing support costs for the vendor (not to
mention likely annoyance for the customer) trumps providing "default"
security for the folks who won't change the default password.
-Jeff
Matthew Palmer wrote:
I think the vendor you're thinking of was Cabletron (now Enterasys). I
had to call them and give them the Serial Number for them to provide me
with the default password to the system after a hard reset (this was for
an ELS100-24TXG 'switch').
-NH
The MyFi apparently does this. According to http://www.nytimes.com/2009/05/07/technology/personaltech/07pogue.html "The network password is printed right there on the bottom of the MiFi itself."
--Steve Bellovin, http://www.cs.columbia.edu/~smb
At least it's not "0000".
But yes, my Mifi *had* the password on the bottom.
At the end of the day, minimizing support costs for the vendor (not to
mention likely annoyance for the customer) trumps providing "default"
security for the folks who won't change the default password.
The MyFi apparently does this. According to
http://www.nytimes.com/2009/05/07/technology/personaltech/07pogue.html"The network password is printed right there on the bottom of the MiFi
itself."
At least it's not "0000".
But yes, my Mifi *had* the password on the bottom.
In a lot of cases, physical access = you're screwed anyway. What's the difference if the password is printed on the box?
If you can't physically protect your kit, that's something else, but aside from things like WAP's which are routinely in 'the open' surely you protect your equipment inside secure racks/cabinets/datacentres such that the physical labelling is inaccessible to those who aren't authorised... ?
As long as the passwords are reasonably secure (ie not generated to a simple
pattern that can be easily brute forced) and they can be changed, I'd
consider that to be pretty reasonable security. As has been mentioned in
this thread already, if someone's got physical access to your equipment
you're dead in the water, security wise, so having the device-specific
"factory" default password on the equipment is far more secure than having a
single factory default password, whilst being *far* more user friendly than
a hash-the-serial-number approach -- or even a "prompt for a password before
I'll do anything" (which, I agree, is the most secure, but is still not very
usable).
For the record, all of my personal networking gear has the admin credentials
(and whatever else I need to get into them, like IP addresses, etc) written
on it. I don't trust myself to remember those over the years, and assuming
that anything else is going to be working when I *need* to get into them
seems awfully optimistic.
- Matt