FW: SECURITY NOTICE: insecure passwords on your machine

Dick Crane rcrane at snf.stanford.edu
Thu Dec 2 14:00:18 PST 2004


Mike,

I'll have them changed tomorrow.

Dick

Michael Bell wrote:

> Mary and Dick,
>
> I wasn't sure who was responsible for setting the passwords on these two
> pieces of equipment, but it appears as though these are general passwords
> that are well known and used by a number of people. It would probably make
> sense to change both the user "USER" and the password before redistributing
> the information. There is a link below that talks about making good
> passwords.
>
> Regards,
>
> Mike
>
> -----Original Message-----
> From: Information Security [mailto:security at stanford.edu]
> Sent: Wednesday, December 01, 2004 6:39 PM
> To: michael.bell at stanford.edu
> Subject: SECURITY NOTICE: insecure passwords on your machine
>
> Dear michael.bell at stanford.edu,
>
> The Stanford campus has been experiencing a series of attacks by viruses
> that take advantage of computer accounts with weak passwords.  Below is
> a list of Windows computers that have been found to have one or more
> accounts with blank or easily guessed passwords.  You are listed as an
> administrative contact for these machines (or at least the most recent
> person to have been associated with them).
>
> IP Address      Machine Name                 Vulnerable Accounts
> ==============  ===========================
> ==================================
> 171.64.100.35   snf-sem.Stanford.EDU         User 'USER' has password 'snf'
> 171.64.101.112  snf-microscope.Stanford.EDU  User 'USER' has password
> 'stanford'
>
> To protect your computers and those around you, it is very important
> that you set good passwords for *all* the accounts on these machines (the
> list provided is not guaranteed to be complete).  For more information on
> setting good quality passwords, see:
>
> http://security.stanford.edu/passwords
>
> Setting a good password before a break-in takes only a few seconds.
> Rebuilding a system after a break-in can take hours, and your lost
> data may not be recoverable at all.  A small preventive effort will
> significantly lower the possiblity that your machine will be compromised
> and will greatly improve the security of the entire Stanford network.
>
> Thank you for helping to secure Stanford's computing environment.
>
> Sincerely,
> David Hoffman
> Information Security




More information about the computer mailing list