O'Reilly Hacks
oreilly.comO'Reilly NetworkSafari BookshelfConferences Sign In/My Account | View Cart   
Book List Learning Lab PDFs O'Reilly Gear Newsletters Press Room Jobs  

No default names/passwords
If you install something with default logins and passwords disable the logins or at least change the passwords.

Contributed by:
[08/13/04 | Discuss (0) | Link to this hack]

I couldn't find this in Network Security Hacks and it seems extremely elementary. I've recently received two Nigerian 419 spams (from the same person), one from a webmail account test@[domain] and the other from demo@[other domain] The account demo was disabled before I could try it but I managed to crack the sooper sekret password for test - it was test. Lesson: when you install an O/S or something else that has names and passwords you frequently get default logins with passwords that are easy to guess or well-known among crackers. Disable the logins if possible, and, in any case, change the passwords to something reasonable. (Unless you really want a guest account.)

O'Reilly Home | Privacy Policy

© 2007 O'Reilly Media, Inc.
Website: | Customer Service: | Book issues:

All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners.