Alcatel Unleashed

Cavagnaro: Hi, me again, we have decided to remove the info about the another PBX user as may be dangerous. sorry. I edited the "other OXE user"

Cavagnaro: Sorry to delete the halt account password, but as it's open we don't want to give easy access to eyes looking around. As said many times, no passwords are allowed to be posted, you may use PM for such info.

Sorry but that is bullshit.

All default passwords are already on the internet.

You may hate me but as explained below, if someone needs this I'm sure they will be a Linux expert and will easily find the info somewhere else.

alcatelunleashed.com should stand for informations and not for "security by censorship"

Passwords might be even in the postal office but the knowledge of permissions on how to hack the PBX is a different story, if they are on the internbet then find them somewhere else.
The fact that you searched that was by some usefull use, however we don't know who are watching here, we don't want to give easy access to end users customers or people with another intentions.
So may be bullshit for you, but for us preventing is more productive than repairing.

I have to agree with ibuza anyone who leaves passwords as default is a fool, Especially with the ftp halt hack so widely published.

Don't understand zanex, with which part you agree?

when the 2nd hit on google for "alcatel default passwords" lists them all it seems to be a bit of a joke (to me at least) that you are worried about them being published on here. If you leave the passwords as default you are just asking for trouble.
Also what i was refering to was that there is a hack for the unix systems (<5.1) using ftp and the halt login

Well yes, use google with the right words and you will find even NASA access or at a time some credit cards numbers. However it doesn't mean that we also will allow you to put your own credit card number here.
Security is a must, yes, however if the user doesn't change them I don't see a reason why to publish sensitive info yet to anyone who does not even know what they are doing.

How many people will search "Alcatel default passwords" on Google? Probably a few.
How many people will search "Alcatel default passwords" after reading this posts on the universe of this forum members on Google? Probably many more. And giving that idea or pointing where and how to hack doesn't sounds to me very trustable.

awareness is the first step - unless you know about it how are you going to fix it