
So the hacker in me quickly thought that if I did a banner grab for this vendor's appliance across an enterprise I could compromise this device where ever it existed. This appliance is highly deployed, so it is a bit scary to me. The fact that it came from a major "security vendor" was even worse.
This is Security 101 here :(
The reason he said that you couldn't change the password was, "It's an appliance!". I'm like, "Okay????".
This goes to all vendors, administrators, and security professionals.
DEFAULT PASSWORDS ARE NEVER A GOOD THING !!!!!!!!!!!!!
Sorry for shouting. :)
No comments:
Post a Comment