Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

All I'm going to say about Shodan is...

Too many people leave the default password on internet connected devices.

Seriously, anything is better than the default password.



Note that Shodan doesn't try to login using default credentials. If you see banners advertising their defaults it just means that the device is telling you what its defaults are - it doesn't mean that the device is still using them.

That being said, a ton of devices still use default credentials but we don't have any numbers on how many exactly.


I wasn't implying Shodan did this. Shodan just lets you find things. Google reveals default passwords quite readily though. It's alarming how often they work to login.


Ah yeah, I didn't think you were :) It's just a common misconception so I wanted to let readers here know.


Or there is no password at all, like say a lot of HP printers.


On Konica-Minolta printers the password is almost always the same. My school IT admin explained that they're pretty much always rented or "bought" with a mandatory support contract and the contractors get really annoyed when the admin password isn't the default one, since it's supposed to be "their" password.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: