FW: SECURITY NOTICE: insecure passwords on your machine

Michael Deal mdeal at stanford.edu
Mon Dec 6 08:17:54 PST 2004

Ted told me of this issue last week and we changed the passwords to 
acceptable ones.  We posted the new passwords at the machines on the 
instruction sheets.   -mike

At 08:10 AM 12/6/2004, John Shott wrote:
>Mary et al:
>One other thing that we can do on many machines (although maybe not on 
>these) is to put them on the Stanford "shadow" network so that they are 
>inaccessible/invisible to people outside of Stanford.
>In this case, I believe that these two machines are the ones that Mike 
>Deal uses for remote visibility of the Hitachi S-800 and the CNRI 
>Microscope.  So, at some level, they each need broader accessibility than 
>just on campus.  However, I don't know enough of the details to know 
>exactly what ports they use and exactly what needs to be visible to the 
>outside world.  I suspect that Mike Deal and Mike Bell can provide us with 
>more detail as to what services they need outside the campus and then we 
>should try to lock down everything else.
>What OS runs on these machines?
>Mary Tang wrote:
>>Hi all --
>>Although I know little about these machines, it seems to me that they 
>>have "bad" passwords because they are general-use machines -- they were 
>>set up so that anyone who takes a picture on the SEM or the microscope 
>>can upload their data on the network.  However, the network security 
>>concerns are serious.  We have this problem (or may have) on other 
>>systems in the lab as well.  It seems to me that we have a couple of ways 
>>to approach this:
>>1.  Choose better account names and passwords and post these at the 
>>station.  This is presuming that the security problem is from "outside" 
>>rather than "inside" the lab.
>>2.  Take the systems off the network.  We should then upgrade these 
>>systems to accomodate USB keys or other the media of choice.  (This is 
>>what we did for the CAD PC's.)
>>Any other suggestions?
>>Dick Crane wrote:
>>>I'll have them changed tomorrow.
>>>Michael Bell wrote:
>>>>Mary and Dick,
>>>>I wasn't sure who was responsible for setting the passwords on these two
>>>>pieces of equipment, but it appears as though these are general passwords
>>>>that are well known and used by a number of people. It would probably make
>>>>sense to change both the user "USER" and the password before redistributing
>>>>the information. There is a link below that talks about making good
>>>>-----Original Message-----
>>>>From: Information Security [mailto:security at stanford.edu]
>>>>Sent: Wednesday, December 01, 2004 6:39 PM
>>>>To: michael.bell at stanford.edu
>>>>Subject: SECURITY NOTICE: insecure passwords on your machine
>>>>Dear michael.bell at stanford.edu,
>>>>The Stanford campus has been experiencing a series of attacks by viruses
>>>>that take advantage of computer accounts with weak passwords.  Below is
>>>>a list of Windows computers that have been found to have one or more
>>>>accounts with blank or easily guessed passwords.  You are listed as an
>>>>administrative contact for these machines (or at least the most recent
>>>>person to have been associated with them).
>>>>IP Address      Machine Name                 Vulnerable Accounts
>>>>==============  ===========================
>>>>   snf-sem.Stanford.EDU         User 'USER' has password 'snf'
>>>>  snf-microscope.Stanford.EDU  User 'USER' has password
>>>>To protect your computers and those around you, it is very important
>>>>that you set good passwords for *all* the accounts on these machines (the
>>>>list provided is not guaranteed to be complete).  For more information on
>>>>setting good quality passwords, see:
>>>>Setting a good password before a break-in takes only a few seconds.
>>>>Rebuilding a system after a break-in can take hours, and your lost
>>>>data may not be recoverable at all.  A small preventive effort will
>>>>significantly lower the possiblity that your machine will be compromised
>>>>and will greatly improve the security of the entire Stanford network.
>>>>Thank you for helping to secure Stanford's computing environment.
>>>>David Hoffman
>>>>Information Security

More information about the computer mailing list