Sal Stolfo 传授沙尔斯托佛
"This is not a password you're going to need every day, so setting a very hard password and recording it at home on a piece of paper is probably a safe thing to do," Stolfo says.
斯多夫说:“你并不需要天天用到这个密码,所以你尽可以设一长串复杂的密码,并将其记在纸上留在家里就可以高枕无忧了。”
"The scan script sends the public password for the product, and if the device responds with the 'command prompt' for that product interface, then the machine is obviously open," Stolfo said.
斯多夫说:“扫描程序脚本向这些网络设备发送对应厂商的公共密码,如果设备对“命令提示”做出与之对应的响应,那么很明显这台设备是不设防的。”
But Stolfo says product makers are the real culprits and need to hide their administrative interfaces by default and provide clear instructions for users who want to alter that configuration.
不过斯多夫表示设备厂商才是真正的罪魁祸首,厂商应该在产品出厂时默认隐藏产品的设置界面,并为想要修改设置的用户提供清楚的指导。
应用推荐