Original issue date: May 7, 1990<BR> Last revised: September 17, 1997<BR> Attached Copyright Statement <P>A complete revision history is at the end of this file. <P>The CERT/CC has recently verified several reports of unauthorized access to Internet-connected Unisys systems. The intruder(s) gained access to these systems by logging into vendor-supplied default accounts that had not been given passwords by the systems' owners. <P>Gary Garb, Corporate Computer Security Officer for Unisys Corporation, states: <P>"The Unisys U5000 series UNIX systems are delivered with a number of system logins. The logins are NOT password protected when the customer receives the system. Unless the customer secures these logins, the system is vulnerable to unauthorized access." <P>"A complete list of these logins can be found in the /etc/passwd file. Each login is described by one record in /etc/passwd which contains a number of fields separated by colons. The second field normally would contain the encrypted password. The system logins will initially have a null second field (indicated by two adjacent colons) in their descriptive records in /etc/passwd." <P>"The U5000/80/85/90/95 System V Administration Guide, Volume 1 (UP13679) begins with a chapter on "System Identification and Security". On page 1-2 it states, "All logins should have passwords ... Logins that are not needed should be either removed (by deleting from /etc/passwd) or blocked (by locking the login as described in the section "Locking Unused Logins" on page 1-8). The Guide contains complete instructions on controlling logins and passwords." <P>"It is the user's (system administrator's) responsibility to thoroughly read the Guide and to ensure the security of the system. 
*Securing the login entries should be of the highest priority and should be accomplished before anyone else has access to the system.*" <P>The CERT/CC urges administrators of Unisys systems, as well as administrators of systems provided by other vendors, to check their systems and ensure that all accounts are protected by passwords, and that those passwords are different from the default passwords provided by the vendor. <P>Questions regarding the security aspects of Unisys systems should be directed to: <P>Gary Garb, Corporate Security Officer<BR> Unisys Corporation<BR> (215) 986-4038 <P><HR> <P>Copyright 1990 Carnegie Mellon University.</P> <HR> Revision History <PRE> September 17, 1997 Attached Copyright Statement </PRE>
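<P>An added example, not part of the original advisory or of Unisys documentation: a shell function that audits passwd-format input for the null second field described above, and also reports records that lack the expected fields. The login names and password hash in the sample are constructed, and the seven-field record layout is the conventional UNIX one, assumed here rather than stated in the advisory.

```shell
#!/bin/sh
# Added example: audit passwd-format records for logins with no password.

# sample_passwd: constructed records (not taken from a real system).
sample_passwd() {
    cat <<'EOF'
root:Xq3kPz0aVbR2c:0:0:Super User:/:/bin/sh
daemon::1:1:System daemon:/:
sysadm::0:0:Administration login:/usr/admin:/bin/sh
lp:*:71:2:Line printer:/usr/spool/lp:
broken:entry
EOF
}

# audit_passwd: reads passwd records on stdin.
# Prints one line per finding and returns 1 if there was any finding,
# 0 if every record has a non-empty second (password) field.
audit_passwd() {
    awk -F: '
        /^[ \t]*$/ { next }                      # ignore blank lines
        NF != 7 {                                # assumed 7-field layout
            printf "MALFORMED line %d\n", NR
            bad = 1
            next
        }
        $2 == "" {                               # two adjacent colons
            printf "NULL_PASSWORD %s uid=%s shell=%s%s\n", $1, $3,
                   ($7 == "" ? "(default)" : $7),
                   ($3 == 0 ? " superuser" : "")
            bad = 1
        }
        END { exit (bad ? 1 : 0) }
    '
}

# Demonstration on the constructed sample; on a live system the input
# would be the real file:  audit_passwd < /etc/passwd
sample_passwd | audit_passwd ||
    echo "each login listed above needs a password, a lock, or removal"
```

A `*` in the second field, as in the constructed `lp` record, is not a null field and is not reported.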