Storing default user names or passwords on devices
After intruders find basic information about a victim’s computer—such as its IP address, open ports and the services running on those ports (which can be determined using freely available networking tools), their first step will be to try to access resources using less sophisticated methods to avoid leaving traces through logging events. Simple automated tools and wordlists make the password brute-force discovery process a breeze. Most network appliances, such as firewalls, wireless access points and routers, are sold with widely known credentials, often available on the vendor’s website or in their manuals.