Default Passwords & Credentials
Default passwords and credentials can leave your system vulnerable. Let's see how.
We'll cover the following...
Default passwords
Default passwords are another kind of misconfiguration that saves attackers a lot of time and effort. They’re easy to exploit and easy to detect—just the kind of thing that attackers love. So we need to find them first. We can leverage the network inventory work we did in chapter 1 to give us a starting point for where to look. We’ll also want to include network infrastructure like switches. We’ll want to pay particular attention to anything that’s exposed to the internet.
As was the case with defenses against SQL injection, our defense against this kind of misconfiguration can be layered. The first layer of the defense is to add to our provisioning checklist to make sure to not use default passwords when provisioning new services.
Beyond that, we can look into scanning our network for default passwords. This second layer is highly specific to your network. You won’t have time to exhaustively scan everything on your network. You’ll need to use your judgment on where to focus your efforts. You may get a good return on ...