Answer

Network security risks: The trouble with default passwords

The U.S. Computer Emergency Readiness Team (US-CERT) recently issued an alert to warn organizations about the risk of putting devices on the network with default passwords. Do you recommend any pointers for putting a system in place to avoid this?


Ask the Expert

Have a network security question for Brad Casey? Submit it now via email. (All questions are anonymous.)

If devices are logging on to your network using default passwords, your organization is vulnerable in a number of ways. We won't delve into them here, but it's fairly simple for an attacker to discover these passwords and use them to infiltrate your systems.

To mitigate these threats, I highly recommend a Linux distribution such as BackTrack 5, a free pen-testing and vulnerability discovery tool developed by Offensive Security Ltd. In recent months, Offensive Security released a new distribution known as Kali Linux, but until it becomes more widely accepted and mainstream, I will continue to refer people to BackTrack 5.

BackTrack 5 can be easily downloaded from Offensive Security's website. It also has an option to install as a virtual machine. Once installed, you'll find a plethora of security tools, several of which are vital to addressing the default password problem.

The first tool is the Cisco OCS Perl script, which scans the network for Cisco devices. If it finds one, it attempts to log in with the password "cisco," as this is the default password on many Cisco devices.

The second tool BackTrack 5 contains is Metasploit, which is perhaps more important than the first. Within Metasploit, you'll find many different modules that scan the network for default passwords. For example, the Ektron CMS400.NET Password Scanner module searches for Ektron CMS installations within a network that are using default passwords set up by the vendor.

While there are a number of tools and technologies available to combat the default password problem, my experience has found that the multifaceted BackTrack 5 offers the best options.

This was first published in December 2013
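A complementary offline check, added here as an example and not part of the original answer or of any tool it names: it audits a backed-up IOS-style configuration for the default password "cisco" mentioned above, including values stored with the reversible type 7 obfuscation. The sample configuration and its hash placeholders are constructed, and `DEFAULT_PASSWORDS`, `decode_type7` and `audit_config` are names chosen for this example.

```python
import re
# Assumption: "cisco" is the default the article names; add other vendor defaults you track.
DEFAULT_PASSWORDS = {"cisco"}
# Fixed, publicly documented key behind IOS "type 7" obfuscation (reversible, not a hash).
TYPE7_KEY = "dsfd;kfoA,.iyewrkldJKDHSUBsgvca69834ncxv9873254k;fg87"
# Matches "enable password|secret ...", "username X password|secret ..." and line passwords.
CRED_RE = re.compile(
    r"^\s*(?:enable\s+|username\s+\S+\s+(?:privilege\s+\d+\s+)?)?"
    r"(?:password|secret)\s+(?:(?P<type>\d)\s+)?(?P<value>\S+)\s*$")

# Constructed sample of a backed-up IOS-style config (hash strings are placeholders).
SAMPLE_CONFIG = """hostname lab-sw1
service password-encryption
enable secret 5 $1$CONSTRUCTED$notARealHashValue000000
enable password 7 0822455D0A16
username admin privilege 15 password 0 cisco
username ops secret 9 $9$CONSTRUCTED$placeholder
line vty 0 4
 password 7 070C285F4D06
line con 0
 password S3parate-L0ng-Value
"""

def decode_type7(encoded):
    """Undo type 7: two decimal digits give the key offset, the rest is XORed hex."""
    offset, data = int(encoded[:2]), bytes.fromhex(encoded[2:])
    return "".join(chr(b ^ ord(TYPE7_KEY[(offset + i) % len(TYPE7_KEY)]))
                   for i, b in enumerate(data))

def audit_config(text):
    """Return line numbers holding a default password, and lines that could not be checked."""
    report = {"default": [], "unchecked": []}
    for number, line in enumerate(text.splitlines(), 1):
        match = CRED_RE.match(line)
        if not match:
            continue
        kind, value = match["type"] or "0", match["value"]
        try:
            clear = value if kind == "0" else decode_type7(value) if kind == "7" else None
        except ValueError:      # malformed type 7 string
            clear = None
        if clear is None:       # types 5/8/9 are one-way hashes; verify those another way
            report["unchecked"].append(number)
        elif clear in DEFAULT_PASSWORDS:
            report["default"].append(number)
    return report

if __name__ == "__main__":
    print(audit_config(SAMPLE_CONFIG))
```

Lines reported under `unchecked` hold hashed secrets that cannot be compared offline this way, so they still need confirmation that the value was changed from the vendor default.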
