Default Passwords for World Wide Packets/Lightning Edge Equipment

Valdis_Kletnieks · January 13, 2010, 8:00pm

That's a possible solution to the wand, which is the least of my problems.

My *big* problem at that point is I have an unauthorized person in my
server room.

Steven_Bellovin · January 13, 2010, 8:12pm

This is from the OP:

I have recently inherited the management of an undocumented network (failed FTTH provider) which utilizes World Wide Packets' LightningEdge 427 (16 port GBIC switch) and 311v (24/4 port Ethernet/GBIC switch) switches.

...

Does anyone know the default passwords for World Wide Packets 427 and 311v switches?

Lots of gear has a button/jumper/pop_the_CMOS battery/other_physical_presence_magic to reset things to factory state, including the default pw. The threat went on to why default passwords are bad, to passwords on the bottom of the device, to RFIDs because the devices of interest to this community are racked and stacked -- and back to theme #2: default passwords are bad...

--Steve Bellovin, http://www.cs.columbia.edu/~smb

Graeme_Fowler · January 13, 2010, 8:34pm

And somewhere in the dim and distant past (Jan 6th), Nathan announced
that he'd sorted out his original problem and now had the defaults.

What a peculiar bunch we are. And this from the group lauded as
anonymously and peacefully co-existing to hold the Internet together,
eh?

Graeme

Nathan_Eisenberg · January 13, 2010, 8:50pm

From: Graeme Fowler [mailto:graeme@graemef.net]
And somewhere in the dim and distant past (Jan 6th), Nathan announced
that he'd sorted out his original problem and now had the defaults.

What a peculiar bunch we are. And this from the group lauded as
anonymously and peacefully co-existing to hold the Internet together,
eh?

Graeme

I think the impulse to challenge and question assertions probably tends to be a common personality feature in (good) network admins. The resulting conversations are often lively, oddly passionate arguments - but I firmly believe that there is a friendly nature behind it all.

Nathan

Valdis_Kletnieks · January 13, 2010, 9:55pm

Something to keep in mind is that this list is, by and large, comprised of
people who are paid large sums of money for their ability to have meaningful
conversations with inanimate objects made of melted sand.

You gotta expect their people skills will be.... different.

_Matt_Palmer · January 13, 2010, 10:34pm

So... someone has a list of the "barcodes" on all my equipment. ONOES!
Without access to the asset database that backs it, I'm not sure what damage
they're going to do. It's not as though one of my core switches is going to
try and get through airport security with it.

- Matt