this post was submitted on 17 Feb 2024
433 points (98.0% liked)

Technology

59374 readers
6264 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 16 points 9 months ago* (last edited 9 months ago) (1 children)

20+ years ago I managed the installation of a high performance compute cluster purchased from IBM. Their techs did all the initial installation and setup, right down to using their well known default password of “PASSW0RD” (with a zero for the ‘o’) for all root/admin accounts…. It took less than 20 minutes for it to be compromised by an IP address in China.

At least other vendors like HP use random root/admin passwords printed on cards physically attached to new equipment…

[–] [email protected] 11 points 9 months ago (1 children)

When I used to rack and stack servers, many moons ago, we would always connect them to a switch with LAN only so we could use SSH/SCP to harden them before they got exposed. This was for .gov stuff that would get attacked instantly.