"Once they were let loose, the team members quickly found and "owned" routers, osCommerce sites, and Linux servers simply because the systems were still using default accounts. Unfortunately, this is a real world problem that has turned more than one company into a victim. Or to put it another way, why attempt to locate and exploit a DCOMRPC vulnerability when the password to the Administrator account is blank!"
It should be a good lesson for all including the company & students that this "small" thing is among the vital concern.
Slashdot Mirror
"Once they were let loose, the team members quickly found and "owned" routers, osCommerce sites, and Linux servers simply because the systems were still using default accounts. Unfortunately, this is a real world problem that has turned more than one company into a victim. Or to put it another way, why attempt to locate and exploit a DCOMRPC vulnerability when the password to the Administrator account is blank!" It should be a good lesson for all including the company & students that this "small" thing is among the vital concern.
Is it the hacker is getting more experts or the system admin is less brilliant??
I think it should be better if i can just keep everything on my friends' PC to be read later when I wake up.. ;)