Thursday, September 13, 2018

Security risks for Layer 3 switches accessible via VPN?

I'm learning about networking, so bear with me here, can you help a novice? This is probably a very simple question but I'd like to hear some expertise on the subject.

I got into a debate with someone about the security risks of a network that you can only get to remotely through a VPN. The network is comprised of a number of Layer 3 switches with associated Layer 2 devices and so on. The main thing we were arguing about was whether or not a password (changed from default) is necessary to secure the Layer 3 switches since they are on a private network accessible through a VPN.

My argument was that changing the password from default is simply good operational security practice. The person I was arguing with said he thinks it's not dangerous to leave the passwords at default for the Layer 3 switches. BY THE WAY, none of the passwords are default IRL, we were simply arguing about it.

I think his answer is pretty dumb but I don't know of all the various ways someone could compromise this type of network.

Among other things I pointed out that if someone gained physical access it would be trivial to hack the Layer 3 switches. So who is right? Can you help me understand what the security risks are for this type of network?

Thanks!



No comments:

Post a Comment