----------------------------------------------------------------------------------
@MSGID: 1@dont-email.me> ac285764
@REPLY:
<slrnvpi8iq.5d7.news-1513678000@a-tuin.ms.intern> 880a932e
@INTL 3:770/1 3:770/3
@REPLYADDR chris@internal.net
@REPLYTO 3:770/3.0 UUCP
@PID: SoupGate-Win32 v1.05
On 28/01/2025 at 18:30, Michael Schwingen wrote:
> On 2025-01-26, Chris Green <
cl@isbd.net> wrote:
>>
>> Is there **really** such a big security issue with default login names
>> and passwords on Raspberry Pis? Surely almost all of them are going
>> to be on home networks behind NAT routers and also surely no one is
>> going to (without thinking about it a bit!) put confidential data on
>> one. Anyone installing any system which is going to be directly out
>> on the internet should be very aware of the risks and will do what`s
>> required.
>
> Probably not. People installing special-purpose distributions (media
> player, dns filtering, hoem automazion etc.) may not even be aware that they
> need to change the SSH password when they only interact with some web
> frontend.
>
> Also, it is not just the data on the device that is at risk. There is also
> the risk that such an exposed machine will be used as part of a botnet to
> attack other machines.
>
> A quick check on shodan shows 86362 hits for "ssh raspbian". If only a small
> percentage of these use the default password, that is way too much.
>
> cu
> Michael
>
But ssh is not enabled by default in Raspbian.
--
Chris Elvidge, England
UNDERWEAR SHOULD BE WORN ON THE INSIDE
--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | Fido<>Usenet Gateway (3:770/3)
SEEN-BY: 19/10 50/109 153/757 218/840 840 220/70
221/1 6 360 226/17 100
SEEN-BY: 240/1120 267/800 301/1 113 812 310/31
335/364 341/66 463/68 633/280
SEEN-BY: 712/848 770/1 3 100 330 340 772/210 220
230 5019/40 5020/715 848
SEEN-BY: 5020/1042 4441 12000 5030/49 722 1081
1474 5053/55 5061/133 5075/128
@PATH: 770/3 1 218/840 221/6 301/1 5020/1042 4441