Doug Vitale Tech Blog

Posts Tagged ‘device passwords

Default passwords (from OEMs) for networked devices

The manufacturers of networking devices (i.e., routers, switches, firewalls) and network-capable devices (such as printers and multifunction devices) often include built-in HTTP services that run on them. This HTTP functionality allows you to open web-based graphical user interfaces (GUIs) for the purpose of configuring and administering the devices. For example, here are the web GUIs for configuring a Netgear GS108T switch and a Linksys WRT54G wireless router.

Netgear GS108T configuration

Netgear GS108T administrative interface

Linksys web configuration

Linksys WRT54G wireless router web configuration

As you can see, there are multiple tabs and submenus available to let you tweak the configuration of the device to meet your needs and preferences.

Most manufacturers password-protect these interfaces as a simple measure to prevent access by intruders. These default passwords are intended for out-of-the-box installation and configuration. The problem is that many device owners never bother to change these default original equipment manufacturer (OEM) passwords, and several websites exist that categorize and publish them (making them available to malicious and ethical hackers alike).

Read the rest of this entry »

Written by Doug Vitale

December 1, 2011 at 11:26 AM

%d bloggers like this: