
Default user decisions



Hi

On Mon, Apr 28, 2008 at 09:51:02AM +0200, Maarten ter Huurne wrote:
> On Monday 28 April 2008, Tzafrir Cohen wrote:
> 
> > I also expect a typical system to be up for a pretty short time, and
> > hence the impact of a malicious take-over is significantly reduced.
> 
> If the system has permanent storage like a harddisk or flash stick, a 
> take-over could last longer than the uptime.
> 
> If sensitive data is captured, the damage is done regardless of how long the 
> system stays up after that.
> 
> Also, what is a short time for a human attacking the system is ages for an 
> automated system.

If the system is a USB stick, changing the default on a per-copy basis
is relatively simple.

If the system is an ISO image, it is far too difficult for anyone to
bother.

It's nice to say that default passwords are dangerous. But this is how
it's done with practically any "router" box and such, where local access
does not really exist.


ssh is not installed by default. If you install it, you need to secure
it.


Someone wrote here before that using a default password gives a false
sense of security, as you might think it is better than an empty
password (for some scenarios it does help, but it is indeed merely
obfuscation with no real extra layer of security to support it).

However, now that you feel safe with the empty password of that user,
that is "disabled", you go and install an imapd on your box. Suddenly
anybody in the network *can* use your "disabled for remote operation"
user account.

-- 
               Tzafrir Cohen
icq#16849755              jabber:tzafrir.cohen at xorcom.com
+972-50-7952406           mailto:tzafrir.cohen at xorcom.com
http://www.xorcom.com  iax:guest at local.xorcom.com/tzafrir
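The last point of the message, that an account with an empty password is only "disabled" until some PAM-backed network daemon such as an imapd is installed, suggests a simple audit. The following script is an added example, not code from the message's author or from any project discussed here: it parses a shadow-format file and reports accounts whose password field is empty (accepted without a password by anything that authenticates against the system database) separately from accounts that are actually locked (field starting with `!` or `*`). The sample shadow file is constructed inline and its hashes are placeholders.

```shell
#!/bin/sh
# Added example (not part of the original message): audit a shadow-format
# file for accounts with an empty password field.  In /etc/shadow an empty
# second field means "no password required", which is very different from
# a locked account, whose field starts with '!' or '*'.

# Print one login name per line for every account whose password field is
# empty.  Usage: empty_password_accounts /etc/shadow
empty_password_accounts() {
    awk -F: '$2 == "" { print $1 }' "$1"
}

# Print one login name per line for every account that is locked or has no
# usable hash (field starts with '!' or '*').  These are safe to leave as is.
locked_accounts() {
    awk -F: '$2 ~ /^[!*]/ { print $1 }' "$1"
}

# Print a short report; returns 1 if any account has an empty password so
# the check can be used from a build or boot-time hook.
report() {
    empties=$(empty_password_accounts "$1")
    if [ -n "$empties" ]; then
        echo "WARNING: accounts accepting an empty password:"
        echo "$empties" | sed 's/^/  /'
        return 1
    fi
    echo "OK: no account in $1 has an empty password field"
    return 0
}

# Constructed sample shadow file; the hashes are placeholders, not real.
SAMPLE_SHADOW=$(mktemp)
trap 'rm -f "$SAMPLE_SHADOW"' EXIT
cat > "$SAMPLE_SHADOW" <<'EOF'
root:$6$placeholder$notarealhash:17649:0:99999:7:::
daemon:*:17649:0:99999:7:::
user:!:17649:0:99999:7:::
live::17649:0:99999:7:::
EOF

# Run the report against the constructed sample (flags the "live" account).
report "$SAMPLE_SHADOW" || true
```

On a real system, run `report /etc/shadow` as root; an account that shows up as empty is reachable by any installed service that authenticates through PAM, regardless of whether an interactive login for it is considered "disabled".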


