Signature Detail

Short Name	FTP:USER:IRIX-DEF-ACCT
Severity	Low
Recommended	No
Category	FTP
Keywords	irix accounts
Release Date	2003/04/22
Update Number	1213
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

FTP: IRIX Default Account Access Attempt

This signature detects attempts to log in to an IRIX 6.2 account that has no password by default. Accounts that are not configured with passwords by default are: root, lp, nuucp, EZsetup, demos, OutOfBox, guest, and 4dgifts.

Extended Description

An attacker who discovers an IRIX host having passwordless default accounts enabled may be able to log in to the accounts, without a password, via Telnet or FTP. The command shell and file transfer access provided by these default accounts may allow the attacker to conduct additional penetration attempts against the affected host.

References

URL: http://www.blacksheepnetworks.com/security/resources/IRIX_65.html
URL: http://www.nmrc.org/pub/faq/hackfaq/hackfaq-27.html
URL: http://www.faqs.org/faqs/sgi/faq/security/section-3.html

Signature Detail

Short Name

Severity

Recommended

Category

Keywords

Release Date

Update Number

Supported Platforms

FTP: IRIX Default Account Access Attempt

Extended Description

References