need default AP usr and pwd settings

I'm attemping to re-invent the wheel and put together a list of current and
common wifi default setttings that if a device gets reset 2 years from now
and the manual is no where to be found on net or at home, I could still log
in with defualt settings.

So please see if your original settings match or are different than the list
below and post any differences or missing manufacturers (mostly looking for
username and password even ip if available since ssid will show up with a
wifi scanner):

Draft Default Password List wifi

Type/vendor/Username/Password/IP if available

3Com/ID 101/PWD comcomcom
-----
ACC(Ericsson)/USR netman/PWD netman
-----
AcceleratedDSL CPE and DSLAM/ USR sysadm/PWD anicust
-----
ADC_Kentrox_Pacesetter_Router/USR na/PWD secret
-----
Alteon ACEswitch 180e (web)/USR admin/PWD admin
-----
Alteon ACEswitch 180e (telnet)/USR admin/PWD <blank>
-----
Apple/ID AirPort/USR none/PWD none, password or admin/IP 10.0.0.1
-----
Arrowpoint/USR admin/PWD system
-----
AT&T/3B2/USR na/PWD mcp
-----
AXIS/USR root/PWD pass
-----
Bay/routers/USR Manager/PWD <blank>
-----
Bay/routers/USR User/PWD<blank>
-----
Bay/na/USR NetICs or security/PWD security or none
-----
Belkin/ID wlan/PWD disabled Password: none, just hit the submit button/IP
192.168.2.1
-----
BRASX/ID I01/USR na/PWD letmein
-----
BreezeCOM/USR na/PWD laflaf
-----
BreezeCOM/USR na/PWD Master
-----
BreezeCOM/USR na/PWD Super
-----
BayStack/ID Default SSID/USR admin/PWD <none>
-----
Cabletron/USR <blank>/PWD<blank>
-----
Cayman_DSL_cable/USR na/PWD<blank>
-----
Cisco Aironet 900Mhz and 2.4/ /ID 2 or tsunami/PWD No Default Password
-----
Compaq WL-XXX/ID Compaq/USR-pwd administrator-administrator, user-user,
operator-operator,user-<none>,

PFCUser-240653C9467E45, anonymous-none
-----
Crystalview/ID outsideview32/USR na/PWD crystal
-----
digiCorp/(viper?)/USR na/ PWD BRIDGE
-----
digiCorp/(viper?)/USR na/ PWD password
-----
D-Link/ID WLAN/USR admin/PWD admin
----
Flowpoint/DSL/ PWD password
-----
Flowpoint/DSL2000/USR admin/PWD admin
-----
INETL Pro/Wireless/ID 101, 195, xlan, Intel/PWD No defualt passwords are
known
-----
Jetform/ID design/USR Jetform/ PWD na
-----
Lantronics Terminal/ID serverport 7000/ PWD na
-----
Linksys/ID linksys or wireless/USR admin/PWD admin or none/ID 192.168.1.1
-----
Livingston IRX router/ID !/USR root/PWD <blank>
-----
Livingston officerouter/ID !/PWD root/PWD <blank>
-----
Livingston portmaster/ID 2/3/!/USR root/PWD <blank>
-----
MAXGATE Ugate 3200, 802.11 DS Access Point/PWD none/IP 192.168.0.1
-----
Microsoft/ID MSNHOME/USR admin
-----
Microplex printserver/USR root/PWD root
-----
Motorola Cablerouter/ ID cablecom/ USR router
-----
Netgear/ID netgear or wireless/USR admin/PWD password/IP 192.168.0.1.
-----
Netopia 7100/USR <blank>/PWD <blank>
-----
Netopia 9500/USR netopia/PWD netopia
-----
NETPrint/USR na/PWD sysadm
-----
Orbitor console/USR na/PWD password
-----
Orbitor console/USR na/PWD BRIDGE
-----
Osicom(Datacom)/USR sysadm/PWD sysadm
-----
SMC/ID WLAN/USR None or miniAP or WLAN_AP or BRIDGE/IP 192.168.0.254
-----
SOHOware NetBlaster II/Default SSID: same as MAC address (example:
0080c6fac430) Default MAC: 00:80:c6:xx:xx:xx
------
Shiva/USR root/PWD <blank>
Shiva/USR Guest/PWD <blank>
-----
Siemens SpeedStream/USR admin/IP 192.168.254.254
-----
TELETRONICS WL-Access Points/ID any/PWD 1234/PWD no password
-----
USR/ USR-PWD root-root, any-112345/IP 192.168.123.254
-----
Xylan/Omniswitch/USR diag/PWD switch
-----
UClinux/ID UCsimm/USR root/PWD uClinux
-----
Webramp/USR wradmin/PWD trancell
-----
ZCOMAX /ID any, mello, or Test/USR 1234/No IP address is known to exist on
the bridge
-----
ZYXEL/ID Wireless/USR na/PWD 1234

Not trying to imply anything, but where does the list come from?
Also, I'm trying to think about any legitimate use for the list, but can't
come up with anything...Can you?

BTW: you got the easiest of them all - Linksys - wrong.

--
Dmitri Abaimov, RCDD
http://www.cabling-design.com
Cabling Forum, color codes, pinouts and other useful resources for
premises cabling users and pros
http://www.cabling-design.com/homecabling
Residential Cabling Guide
-------------------------------------
athegates wrote:


> I'm attemping to re-invent the wheel and put together a list of current
> and
> common wifi default setttings that if a device gets reset 2 years from
> now
> and the manual is no where to be found on net or at home, I could still
> log
> in with defualt settings.

> So please see if your original settings match or are different than the
> list
> below and post any differences or missing manufacturers (mostly looking
> for
> username and password even ip if available since ssid will show up
> with a
> wifi scanner):

> Draft Default Password List wifi

> Type/vendor/Username/Password/IP if available

> 3Com/ID 101/PWD comcomcom
> -----
> ACC(Ericsson)/USR netman/PWD netman
> -----
> AcceleratedDSL CPE and DSLAM/ USR sysadm/PWD anicust
> -----
> ADC_Kentrox_Pacesetter_Router/USR na/PWD secret
> -----
> Alteon ACEswitch 180e (web)/USR admin/PWD admin
> -----
> Alteon ACEswitch 180e (telnet)/USR admin/PWD <blank>
> -----
> Apple/ID AirPort/USR none/PWD none, password or admin/IP 10.0.0.1
> -----
> Arrowpoint/USR admin/PWD system
> -----
> AT&T/3B2/USR na/PWD mcp
> -----
> AXIS/USR root/PWD pass
> -----
> Bay/routers/USR Manager/PWD <blank>
> -----
> Bay/routers/USR User/PWD<blank>
> -----
> Bay/na/USR NetICs or security/PWD security or none
> -----
> Belkin/ID wlan/PWD disabled Password: none, just hit the submit
> button/IP
> 192.168.2.1
> -----
> BRASX/ID I01/USR na/PWD letmein
> -----
> BreezeCOM/USR na/PWD laflaf
> -----
> BreezeCOM/USR na/PWD Master
> -----
> BreezeCOM/USR na/PWD Super
> -----
> BayStack/ID Default SSID/USR admin/PWD <none>
> -----
> Cabletron/USR <blank>/PWD<blank>
> -----
> Cayman_DSL_cable/USR na/PWD<blank>
> -----
> Cisco Aironet 900Mhz and 2.4/ /ID 2 or tsunami/PWD No Default Password
> -----
> Compaq WL-XXX/ID Compaq/USR-pwd administrator-administrator, user-user,
> operator-operator,user-<none>,

> PFCUser-240653C9467E45, anonymous-none
> -----
> Crystalview/ID outsideview32/USR na/PWD crystal
> -----
> digiCorp/(viper?)/USR na/ PWD BRIDGE
> -----
> digiCorp/(viper?)/USR na/ PWD password
> -----
> D-Link/ID WLAN/USR admin/PWD admin
> ----
> Flowpoint/DSL/ PWD password
> -----
> Flowpoint/DSL2000/USR admin/PWD admin
> -----
> INETL Pro/Wireless/ID 101, 195, xlan, Intel/PWD No defualt passwords
> are
> known
> -----
> Jetform/ID design/USR Jetform/ PWD na
> -----
> Lantronics Terminal/ID serverport 7000/ PWD na
> -----
> Linksys/ID linksys or wireless/USR admin/PWD admin or none/ID
> 192.168.1.1
> -----
> Livingston IRX router/ID !/USR root/PWD <blank>
> -----
> Livingston officerouter/ID !/PWD root/PWD <blank>
> -----
> Livingston portmaster/ID 2/3/!/USR root/PWD <blank>
> -----
> MAXGATE Ugate 3200, 802.11 DS Access Point/PWD none/IP 192.168.0.1
> -----
> Microsoft/ID MSNHOME/USR admin
> -----
> Microplex printserver/USR root/PWD root
> -----
> Motorola Cablerouter/ ID cablecom/ USR router
> -----
> Netgear/ID netgear or wireless/USR admin/PWD password/IP 192.168.0.1.
> -----
> Netopia 7100/USR <blank>/PWD <blank>
> -----
> Netopia 9500/USR netopia/PWD netopia
> -----
> NETPrint/USR na/PWD sysadm
> -----
> Orbitor console/USR na/PWD password
> -----
> Orbitor console/USR na/PWD BRIDGE
> -----
> Osicom(Datacom)/USR sysadm/PWD sysadm
> -----
> SMC/ID WLAN/USR None or miniAP or WLAN_AP or BRIDGE/IP 192.168.0.254
> -----
> SOHOware NetBlaster II/Default SSID: same as MAC address (example:
> 0080c6fac430) Default MAC: 00:80:c6:xx:xx:xx
> ------
> Shiva/USR root/PWD <blank>
> Shiva/USR Guest/PWD <blank>
> -----
> Siemens SpeedStream/USR admin/IP 192.168.254.254
> -----
> TELETRONICS WL-Access Points/ID any/PWD 1234/PWD no password
> -----
> USR/ USR-PWD root-root, any-112345/IP 192.168.123.254
> -----
> Xylan/Omniswitch/USR diag/PWD switch
> -----
> UClinux/ID UCsimm/USR root/PWD uClinux
> -----
> Webramp/USR wradmin/PWD trancell
> -----
> ZCOMAX /ID any, mello, or Test/USR 1234/No IP address is known to exist
> on
> the bridge
> -----
> ZYXEL/ID Wireless/USR na/PWD 1234






##-----------------------------------------------##
Article posted with Cabling-Design.com Newsgroup Archive
http://www.cabling-design.com/forums
no-spam read and post WWW interface to your favorite newsgroup - alt.internet.wireless
##-----------------------------------------------##

The point is if you are forced for whatever reason to reset your AP i
the future you must have the default settings to reconfigure it
Otherwise it's headed for the junk pile.

Many mfg of soho products on carry current and one generation ol
manuals online and some not any. The point of the list is as
reference only in case of a emergency.

Da

--
flw

Taking a moment's reflection, flw mused:
|
| The point is if you are forced for whatever reason to reset your AP in
| the future you must have the default settings to reconfigure it.
| Otherwise it's headed for the junk pile.

You can simply contact the vender...

This is exactly the point I was trying to make:

If you have to reset YOUR OWN WAP, you would get that info in the manual
that came with it, right? Having compiled the list of ALL the user/PSW of
the different models of WAPs on the market just simplifies war driving and
does not really help in day-to-day maintenance.

If you are a WiFi tech, how many brands your company carry? 2,3, 5 at
most! over that number would be just crazy due to logistics involved. And
you have probably attended training with all of them or at least keep a
copy of the manual for yourself, I presume.

If you are an extremely versatile service company that can possibly
encounter any kind of WAP, then I guess, compile that list and keep it to
yourself. Don't just contribute to the easiness of breaking into people's
WAPs by posting the list here.

--
Dmitri Abaimov, RCDD
http://www.cabling-design.com
Cabling Forum, color codes, pinouts and other useful resources for
premises cabling users and pros
http://www.cabling-design.com/homecabling
Residential Cabling Guide
-------------------------------------
mhicaoidh wrote:


> Taking a moment's reflection, flw mused:
> |
> | The point is if you are forced for whatever reason to reset your AP
> in
> | the future you must have the default settings to reconfigure it.
> | Otherwise it's headed for the junk pile.

> You can simply contact the vender...






##-----------------------------------------------#
Article posted with Cabling-Design.com Newsgroup Archiv
http://www.cabling-design.com/forum
no-spam read and post WWW interface to your favorite newsgroup - alt.internet.wireles
##-----------------------------------------------##

On Mon, 14 Jun 2004 01:15:21 GMT, "athegates" <(E-Mail Removed)>
wrote:

>I'm attemping to re-invent the wheel and put together a list of current and
>common wifi default setttings that if a device gets reset 2 years from now
>and the manual is no where to be found on net or at home, I could still log
>in with defualt settings.

You might be interested in this default password list.
http://phenoelit.darklab.org/cgi-bin/display.pl
I DID archive that locally. Looks quite useful.

On Mon, 14 Jun 2004 16:15:20 GMT, info_at_cabling-(E-Mail Removed)
(Dmitri(Cabling-Design.com)) wrote:

>This is exactly the point I was trying to make:
>
>If you have to reset YOUR OWN WAP, you would get that info in the manual
>that came with it, right? Having compiled the list of ALL the user/PSW of
>the different models of WAPs on the market just simplifies war driving and
>does not really help in day-to-day maintenance.
>
>If you are a WiFi tech, how many brands your company carry? 2,3, 5 at
>most! over that number would be just crazy due to logistics involved. And
>you have probably attended training with all of them or at least keep a
>copy of the manual for yourself, I presume.
>
>If you are an extremely versatile service company that can possibly
>encounter any kind of WAP, then I guess, compile that list and keep it to
>yourself. Don't just contribute to the easiness of breaking into people's
>WAPs by posting the list here.

Oh please. Security by obscurity is no security at all. A simple google search
will already reveal DOZENS of lists of default usernames / passwords for
wireless equipment.

The OS vendors and administrators realized long ago that keeping flaws SECRET
did NOTHING to improve security. That's why flaws in Linux / Windows / etc are
publicized.

Not posting default usernames / passwords to usenet is not going to improve
anyones security.

Maybe one of these days the WIFI vendors will get a clue, and will "by default"
allow the equipment settings services (HTTP/Telnet) to ONLY be accessed from the
LAN side. Or, use randomly generated passwords for each piece of hardware that
are permanantly attached to the bottom of the device on a foil sticker or
something equally durable.

On Mon, 14 Jun 2004 21:18:00 GMT, Beretta <(E-Mail Removed)> wrote:

>Not posting default usernames / passwords to usenet is not going to improve
>anyones security.
No kidding. I just posted a link to a site with default passwords for
thousands of pieces of equipment.
>
>Maybe one of these days the WIFI vendors will get a clue, and will "by default"
>allow the equipment settings services (HTTP/Telnet) to ONLY be accessed from the
>LAN side.
I would hope so.

>Or, use randomly generated passwords for each piece of hardware that
>are permanantly attached to the bottom of the device on a foil sticker or
>something equally durable.
That sounds like a nightmare. Having the same default pw forces
people with a clue to change them. People with no clue don't, and
that's their problem. They should learn. I would never consider
leaving anything with a default pw. BTW, Cisco gear has no pw, so you
better put one in their fast!

"Beretta" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> On Mon, 14 Jun 2004 16:15:20 GMT, info_at_cabling-(E-Mail Removed)
> (Dmitri(Cabling-Design.com)) wrote:
>
> >This is exactly the point I was trying to make:
> >
> >If you have to reset YOUR OWN WAP, you would get that info in the manual
> >that came with it, right? Having compiled the list of ALL the user/PSW of
> >the different models of WAPs on the market just simplifies war driving
and
> >does not really help in day-to-day maintenance.
> >
> >If you are a WiFi tech, how many brands your company carry? 2,3, 5 at
> >most! over that number would be just crazy due to logistics involved. And
> >you have probably attended training with all of them or at least keep a
> >copy of the manual for yourself, I presume.
> >
> >If you are an extremely versatile service company that can possibly
> >encounter any kind of WAP, then I guess, compile that list and keep it to
> >yourself. Don't just contribute to the easiness of breaking into people's
> >WAPs by posting the list here.
>
> Oh please. Security by obscurity is no security at all. A simple google
search
> will already reveal DOZENS of lists of default usernames / passwords for
> wireless equipment.
>
> The OS vendors and administrators realized long ago that keeping flaws
SECRET
> did NOTHING to improve security. That's why flaws in Linux / Windows / etc
are
> publicized.
>
> Not posting default usernames / passwords to usenet is not going to
improve
> anyones security.
>
> Maybe one of these days the WIFI vendors will get a clue, and will "by
default"
> allow the equipment settings services (HTTP/Telnet) to ONLY be accessed
from the
> LAN side. Or, use randomly generated passwords for each piece of hardware
that
> are permanantly attached to the bottom of the device on a foil sticker or
> something equally durable.

Well said.

Ron Bandes, CCNP, CTT+, etc.