FW: SECURITY NOTICE: insecure passwords on your machine
rcrane at snf.stanford.edu
Thu Dec 2 14:00:18 PST 2004
I'll have them changed tomorrow.
Michael Bell wrote:
> Mary and Dick,
> I wasn't sure who was responsible for setting the passwords on these two
> pieces of equipment, but it appears as though these are general passwords
> that are well known and used by a number of people. It would probably make
> sense to change both the user "USER" and the password before redistributing
> the information. There is a link below that talks about making good
> -----Original Message-----
> From: Information Security [mailto:security at stanford.edu]
> Sent: Wednesday, December 01, 2004 6:39 PM
> To: michael.bell at stanford.edu
> Subject: SECURITY NOTICE: insecure passwords on your machine
> Dear michael.bell at stanford.edu,
> The Stanford campus has been experiencing a series of attacks by viruses
> that take advantage of computer accounts with weak passwords. Below is
> a list of Windows computers that have been found to have one or more
> accounts with blank or easily guessed passwords. You are listed as an
> administrative contact for these machines (or at least the most recent
> person to have been associated with them).
> IP Address Machine Name Vulnerable Accounts
> ============== ===========================
> 220.127.116.11 snf-sem.Stanford.EDU User 'USER' has password 'snf'
> 18.104.22.168 snf-microscope.Stanford.EDU User 'USER' has password
> To protect your computers and those around you, it is very important
> that you set good passwords for *all* the accounts on these machines (the
> list provided is not guaranteed to be complete). For more information on
> setting good quality passwords, see:
> Setting a good password before a break-in takes only a few seconds.
> Rebuilding a system after a break-in can take hours, and your lost
> data may not be recoverable at all. A small preventive effort will
> significantly lower the possiblity that your machine will be compromised
> and will greatly improve the security of the entire Stanford network.
> Thank you for helping to secure Stanford's computing environment.
> David Hoffman
> Information Security
More information about the computer