Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Edge Articles

8/4/2020
03:10 PM
Curtis Franklin Jr.
Curtis Franklin Jr.
Edge Features
100%
0%

6 Dangerous Defaults Attackers Love (and You Should Know)

Default configurations can be massive vulnerabilities. Here are a half dozen to check on for your network.

Cisco Configuration Professional
Cisco Configuration Professional is a utility program that professionals working in networking have likely seen. Most, if they use the program, will have changed the default 'cisco/cisco' username and password to something that conforms to their organization's policies. If they neglected that step, then there could be serious issues ahead.
As the name implies, Cisco Configuration Professional is a tool for configuring certain Cisco routers, either at the time of initial deployment or after they're already in the field. The ability to configure and change any facet of a router's behavior makes this an incredibly powerful program -- and one that could be quite useful for malicious purposes in the wrong hands.
The most dangerous situation involving this program is when it is left on an administrator's system (or a system with administration privileges) without an updated set of credentials.
(Image: metamorworks via Adobe Stock)

Cisco Configuration Professional

Cisco Configuration Professional is a utility program that professionals working in networking have likely seen. Most, if they use the program, will have changed the default "cisco/cisco" username and password to something that conforms to their organization's policies. If they neglected that step, then there could be serious issues ahead.

As the name implies, Cisco Configuration Professional is a tool for configuring certain Cisco routers, either at the time of initial deployment or after they're already in the field. The ability to configure and change any facet of a router's behavior makes this an incredibly powerful program -- and one that could be quite useful for malicious purposes in the wrong hands.

The most dangerous situation involving this program is when it is left on an administrator's system (or a system with administration privileges) without an updated set of credentials.

(Image: metamorworks via Adobe Stock)

Curtis Franklin Jr. is Senior Analyst at Omdia, focusing on enterprise security management. Curtis has been writing about technologies and products in computing and networking since the early 1980s. He has been on staff and contributed to technology-industry publications ... View Full Bio
Previous
2 of 7
Next
 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Flash Poll