On Tue, 20 Feb 2007 15:09:45 -0000, Michal Zalewski <[EMAIL PROTECTED]>
wrote:
On Tue, 20 Feb 2007 [EMAIL PROTECTED] wrote:
to me the whole deal is simply a reminder to change passwords from
default if they're not already.
And hope you don't have hidden "service" accounts that are not visible
through GUI, of course. Like Siemens DSL modems and their "userNotUsed" /
"userNotU"...
*Every* home grade router I've used has had a default option to block the
administration console from the external network. This is basically:
1) Change default passwords
2) Get the vendors to set up secure
As far as I'm concerned, this is a vendor issue, a home router should
never leave the factory without it being configured to auto change the
default password and to block the administration screen from outside.
Though most vendors seem to be terrible on security and follow the concept
of "we tell you it's secure so it is".
dave
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
