←back to thread

Finding thousands of exposed Ollama instances using Shodan

(blogs.cisco.com)
166 points rldjbpin | 10 comments | 03 Sep 25 08:18 UTC | HN request time: 0.506s | source | bottom
1. larodi ◴[03 Sep 25 10:21 UTC] No.45114122[source]
I’d expect Cisco to publish an article on thousands of Cisco devices with default passwords still there in the open.

Definitely not credible to speak about ML stuff and of course - Ollama has never been production-ready in the sense iOS (Cisco’s) was.

replies(2): >>45114286 #>>45118156 #
2. _mlbt ◴[03 Sep 25 10:51 UTC] No.45114286[source]
How is it Cisco’s fault that a lot of network administrators are incompetent and don’t change default passwords?
replies(4): >>45114349 #>>45114967 #>>45115632 #>>45118898 #
3. maweki ◴[03 Sep 25 11:02 UTC] No.45114349[source]
Cisco is incredibly (in)famous for having hardcoded backdoor accounts in their products.
4. msh ◴[03 Sep 25 12:35 UTC] No.45114967[source]
Having default passwords for a product that is designed to be connected to a network that the users are not forced to change is incomprehensible incompetent for any product produced the last 25 years.
replies(1): >>45116791 #
5. jamesnorden ◴[03 Sep 25 13:36 UTC] No.45115632[source]
By forcing them to change the defaults, like Ubiquiti does, for instance.
6. _mlbt ◴[03 Sep 25 15:15 UTC] No.45116791{3}[source]
If you need to be forced to change the default password on Cisco products you probably shouldn’t be using them.
replies(2): >>45117390 #>>45117552 #
7. cactusplant7374 ◴[03 Sep 25 16:07 UTC] No.45117390{4}[source]
Not allowing default passwords is for the greater good. Making it harder to install is a feature in this case.
8. lupusreal ◴[03 Sep 25 16:18 UTC] No.45117552{4}[source]
Can't you just flip that and say that if you need there to be a default password, you shouldn't be using a Cisco product? And if nobody using a Cisco product needs a default password, then why does one exist at all?
9. Den_VR ◴[03 Sep 25 17:07 UTC] No.45118156[source]
Cisco does more than just sell equipment. Seeing this from their “threat intelligence research organization” shouldn’t be any more surprising than seeing the same from Google via Mandiant.
10. more_corn ◴[03 Sep 25 18:20 UTC] No.45118898[source]
Yes