From: Roelof Temmingh [roelof@SENSEPOST.COM]
Sent: Tuesday, July 04, 2000 9:30 PM
To: VULN-DEV@SECURITYFOCUS.COM
Subject: default passwords...partII

All,

Thanks again for all the replies - I have tried to put everything on there, and
give credit where needed:

http://wips.sensepost.com/defaultpasswords.html

Some things - my idea with the list was not to include default Unix/VMS/MS
usernames and passwords - I have seen some of those around, and I have no need
to replicate it. My idea was also not to include BIOS passwords for the same
reason.

The list is furthermore not a complete list - some of the passwords need
console access and some need special ports. I have included some of this
information - but heck - you can figure out yourselves (port scans etc). If
someone wants to redo the list with SNMP community names, special notes, etc.
etc. I am sure it will be appreciated. I publish my list and will try to keep
it up to date. The idea is not to make the list my own but rather to get the
ppl on here to help me/someone to build the list - to get the damn list
mirrored on a few sites so that search thingies pick them up.

Maybe someone with some time on hands will register www.defaultpasswords.com :)
, and add BIOS/Unix/VMS/MS/CMP/Oracle/SQL/IIS/etc/etc defaults to it with a
nice front end - that would be great.. I just want it to exists. Joe Jenkins
has a nice page for this: http://www.nerdnet.com/security/index.php. Maybe we
can get this replicated somewhere?

Thanks again for the reponses - within 24h we created something that all of us
can use - where ever it resides.

Keep well,
Roelof.

PS: when I started this I wanted to get the Packeteer Traffic shaping tool's
default username and password....so...anyone??? :))

------------------------------------------------------
Roelof W Temmingh		SensePost IT security
roelof@sensepost.com		+27 83 448 6996
		http://www.sensepost.com