INTERNET STORM CENTER SPOTLIGHT
ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html
The Top 10 Not So Common SSH Usernames and Passwords
Published: 2024-10-16.
Last Updated: 2024-10-16 17:26:49 UTC
by Johannes Ullrich (Version: 1)
Our list of "Top" ssh usernames and passwords is pretty static. Well-known defaults, like "root" and "admin", are at the top of the list. But there are always some usernames and passwords in the list that are not as well known, or only showed up more recently. I will focus in this diary on these "second tier" credentials.
345gs5662d34
Used by Polycom CX600 IP phones. This password often shows up in the username field (as other passwords do) when sloppy bots enter it into the wrong field.
zyfwp
A backdoor account in Zyxel equipment. It was found by Rapid7 (and later removed by Zyxel) in 2020.
yhtcAdmin
Used in "Youhua PT939G" fiber routers.
vadmin
The default username for the web hosting platform LiteSpeed. Can be used via SSH or HTTP.
telecomadmin
The username used by Huawei ONT HG8245H5 fiber termination kit.
chenzilong
Not sure. But it may be a popular Chinese character. Maybe anybody reading this knows?
7ujMko0admin
Some Dahua network NVRs use this telnet/ssh password. They are prepending the string "7ujMko0" to the web password, which by default is "admin".
a1sev5y7c39k
The default password for some unspecified routers using the Realtek chipset.
Xpon@Olt9417#
V*SOL GPON OLT default password
ve0RbANG
Used with the "YhtcAdmin" username for Youhua PT939G optical network termination equipment. The same device also uses Admin/1234 and Admin/Telecom_1234.
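A defender-side use of this list, as an added example that is not from the diary: the sketch below scans OpenSSH "Failed password" log lines for the strings above, names the device family each attempt appears aimed at, and flags default passwords that arrive in the username field. The log lines, IP addresses and function names are constructed for illustration; "chenzilong" is left out because the diary does not attribute it.

```python
import re
from collections import Counter

# Strings from the diary, keyed lowercase: (field the vendor uses it in, device).
# Lowercase keys also cover the "yhtcAdmin"/"YhtcAdmin" spellings seen above.
WATCHLIST = {
    "345gs5662d34": ("password", "Polycom CX600 IP phone"),
    "zyfwp": ("username", "Zyxel backdoor account"),
    "yhtcadmin": ("username", "Youhua PT939G fiber router"),
    "vadmin": ("username", "LiteSpeed web hosting platform"),
    "telecomadmin": ("username", "Huawei ONT HG8245H5"),
    "7ujmko0admin": ("password", "Dahua NVR"),
    "a1sev5y7c39k": ("password", "Realtek-chipset router"),
    "xpon@olt9417#": ("password", "V*SOL GPON OLT"),
    "ve0rbang": ("password", "Youhua PT939G fiber router"),
}

# sshd also logs a separate "Invalid user ..." line per attempt; matching only
# the "Failed password" line avoids counting the same attempt twice.
LOGIN_RE = re.compile(
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+)")

# Constructed sample input (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    "Oct 16 17:01:02 host sshd[1201]: Failed password for root from 192.0.2.10 port 40022 ssh2",
    "Oct 16 17:01:05 host sshd[1203]: Failed password for invalid user zyfwp from 198.51.100.7 port 51514 ssh2",
    "Oct 16 17:01:09 host sshd[1207]: Failed password for invalid user 345gs5662d34 from 203.0.113.44 port 33810 ssh2",
    "Oct 16 17:01:11 host sshd[1209]: Failed password for invalid user YhtcAdmin from 203.0.113.44 port 33812 ssh2",
    "Oct 16 17:01:15 host sshd[1211]: Accepted publickey for deploy from 192.0.2.20 port 50110 ssh2",
]

def classify(lines):
    """Return one finding per failed login whose username is on the watchlist."""
    findings = []
    for line in lines:
        m = LOGIN_RE.search(line)
        hit = WATCHLIST.get(m["user"].lower()) if m else None
        if hit:
            field, device = hit
            findings.append({
                "ip": m["ip"], "user": m["user"], "device": device,
                # A default password seen as a username: the bot used the wrong field.
                "misfiled_password": field == "password",
            })
    return findings

def targeted_devices(findings):
    """Count attempts per device family, to show what the bots are hunting for."""
    return Counter(f["device"] for f in findings)

if __name__ == "__main__":
    for f in classify(SAMPLE_LOG):
        print(f)
```

Only the username is checked because sshd does not log attempted passwords; a honeypot that records both fields could apply the same table to each.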
You can look at our top password list here:
https://isc.sans.edu/data/ssh.html
I will add some of the details about our username and password pages as you look up a particular password. For example:
https://isc.sans.edu/ssh_usernames.html?username=345gs5662d34
Complete diary:
https://isc.sans.edu/diary/The+Top+10+Not+So+Common+SSH+Usernames+and+Passwords/31360/
A Network Nerd's Take on Emergency Preparedness
Published: 2024-10-15. Last Updated: 2024-10-21 15:10:48 UTC
by Johannes Ullrich (Version: 1)
Over the last month, two hurricanes barely missed me. Luckily, neither caused me any significant inconvenience. Sadly, others were not as lucky, and I think this is a good time to do a little "Lessons Learned" exercise. It made me reconsider some of my emergency preparations. I will take a "geek spin" on emergency preparedness in this post. There are better sources to talk about what food to store and how to fill your tub with sufficient water. I will focus more on power and data connectivity. At least once, someone complained that the "Internet Storm Center" does not talk about the weather. This post should keep them happy :).
One advantage of hurricanes, compared to other disasters like earthquakes, is that they are usually announced several days ahead. One very viable option is to "get out". If you plan to get out, make a hotel reservation in a safe spot early. Maybe make a hotel reservation that can be canceled on short notice if you do not need it. Or call some friends/family. Leave before mandatory evacuations are announced. Roads are usually packed 24-48 hours before the storm's landfall.
Unplug as many devices as possible before the storm hits (or before you leave), or disconnect circuit breakers. It may be worthwhile to disconnect cable modems and other devices. During a storm, power will often be unstable, and I have seen power lines fall on cable TV and phone lines. This should not cause harm, but it is best to be safe. At the same time, make sure any rechargeable devices and battery packs are fully charged, and turn them off.
If you own a portable backup battery, ensure it is fully turned off while not in use. These batteries' inverters can use significant power even without any devices plugged in [1].
I am not an electrician, so I refer to others for generator safety issues. Generators connected to natural gas may provide longer-term power backup as long as the natural gas supply is not disrupted. For other fuels, it depends on how much you can store locally.
If you use mobile solar cells: Bring them inside during the storm. Same for any antennas that can be detached, like satellite or cell phone external antennas.
Backup batteries will provide you power for a limited time. Most UPS systems will last 15-60 minutes. Some larger battery packs can last a day (e.g. Tesla Powerwall). Most will not last much longer, but you can extend the lifetime by reducing power consumption, particularly for heavy uses like air conditioners. People outside Florida may not realize it, but after the hurricane passes, you often end up with sunny and hot weather. It may not be easy to live without air conditioning.
Most solar systems will not provide backup power without a battery backup. Only some relatively new inverters can run without grid power or supporting a regular generator. The solar system should be off if the generator is running unless the solar system was specifically designed to support the generator. Do not overestimate the capacity of your backup power solution. You often have surges as devices are turned on (for example, refrigerators). My non-electrician rule of thumb is that you need about three times the capacity of your steady-state usage. [2]
And of course, electricity and water do not work well with each other. If water intrudes into your house, you may still want to turn the devices off.
One issue that kept coming up during the recent storms was the reliability of cellular services. In particular, in more rural areas, which often do not have great cellular coverage in the first place, cellular networks were often not usable. Cellular towers still require uplinks and are sometimes destroyed by high winds or water. Power backup is often limited. Mobile operators will sometimes deploy temporary emergency backup towers. However, these towers may only offer a limited range and capacity. Most phones will allow roaming by default, and mobile operators will allow each other's customers to use their network during disasters. But double-check that your phone has roaming enabled ...
[1] https://www.donrowe.com/power-inverter-faq-a/258.htm
[2] https://www.greenlancer.com/post/solar-battery-backup-vs-generator
Complete diary:
https://isc.sans.edu/diary/A+Network+Nerds+Take+on+Emergency+Preparedness/31356/