[AusNOG] How hard is it to protect/defend a router?

Roland Dobbins rdobbins at arbor.net
Thu Sep 5 13:09:08 EST 2013




George Fong <george at lateralplains.com> wrote:

>I would have thought that the answer is not very hard. But there are
>some things that make you question your beliefs

<https://app.box.com/s/osk4po8ietn1zrjjmn8b>

The #1 way that Cisco routers are compromised is leaving the management plane open to the public Internet & having a local admin account with username 'cisco' & password 'cisco'. 

The #1 way that Juniper routers are compromised is leaving the management plane open to the public Internet & having a local admin account with username 'cisco' & password 'cisco'. 

;>

Consumer-grade CPE devices & embedded systems of all kinds are a horrid mess, many are insecure by default & are literally unsecurable, even if anyone cared.  

---------------------------------------
Roland Dobbins <rdobbins at arbor.net>



More information about the AusNOG mailing list