Problem solve Get help with specific problems with your technologies, process and projects.

Network security risks: The trouble with default passwords

Network security expert Brad Casey explores the risks of putting devices on the network with default passwords, and spotting default password usage.

The U.S. Computer Emergency Readiness Team (US-CERT) recently issued an alert to warn organizations about the risk...

of putting devices on the network with default passwords. Do you recommend any pointers for putting a system in place to avoid this?

Ask the Expert

Have a network security question for Brad Casey? Submit it now via email. (All questions are anonymous.)

If devices are logging on to your network using default passwords, your organization is vulnerable in a number of ways. We won't delve into them here, but it's fairly simple for an attacker to discover these passwords and use them to infiltrate your systems.

To mitigate these threats, I highly recommend a Linux distribution such as BackTrack 5, a free pen-testing and vulnerability discovery tool developed by Offensive Security Ltd. In recent months, Offensive Security released a new distribution known as Kali Linux, but until it becomes more widely accepted and mainstream, I will continue to refer people to BackTrack 5.

BackTrack 5 can be easily downloaded from Offensive Security's website. It also has an option to install as a virtual machine. Once installed, you'll find a plethora of security tools, several of which are vital to addressing the default password problem.

The first tool is the Cisco OCS Perl script, which scans the network for Cisco devices. If it finds one, it attempts to log in with the password "cisco," as this is the default password on many Cisco devices.

The second tool BackTrack 5 contains is Metasploit, which is perhaps more important than the first. Within Metasploit, you'll find many different modules that scan the network for default passwords. For example, the Ektron CMS400.NET Password Scanner module searches for Ektron CMS installations within a network that are using default passwords set up by the vendor.

While there are a number of tools and technologies available to combat the default password problem, my experience has found that the multifaceted BackTrack 5 offers the best options.

This was last published in December 2013

Dig Deeper on Password management and policy