PDT is normally a verboten subject here. However, since it is impossible for you to reset the password without having direct physical contact with the switch I guess it cannot hurt to divulge this information. PLEASE NOTE THAT DETAILS PERTAINING TO PDT AND ITS COMMANDS WILL NOT BE DISCUSSED ON THIS SITE, SO DON'T ASK:

Resetting the Passwords on Small Systems:
• If a password is forgotten there is a password reset mechanism.
• On an SSC, the face plate baud dip switch is used.
• Turn on the baud dip switch that corresponds to the next baud rate
lower than it is currently set to. Do not turn off the current baud dip
switch. This means 2 switches beside each other are turned on.
• After the baud dip switch is turned on, the following steps will reset
the password:
1) enter PDT using the security id on SSC for the password
2) type in the command "passwd"
3) prompted for the current level 2 password. Use security id for the
password (X11 R26 will also accept current level 2 password)
4) you will then be prompted for new level 2 and level 1 PDT passwords
5) turn off the baud dip switch you used to override the passwords
6) exit PDT
7) verify passwords by entering PDT

ADDITIONAL WARNING: ONLY NORTEL QUALIFIED PERSONNEL SHOULD BE WORKING IN PDT BECAUSE OF THE GREAT POTENTIAL DANGER TO MESS THE SYSTEM UP. DO NOT ENTER PDT IF YOU ARE NOT QUALIFIED TO DO SO!


SD

TelcoHo

While you're answering PDT questions.... heheh

Just kidding.

Seriously though, is there any way to disable/remove the backdoor PDT passwords that were leaked on the net several years ago?


cheers,
will

If you know the 'leaked' passwords then you can enter PDT. If you can enter PDT you can use the 'passwd' command (see previous post) to enter new PDT passwords so that the backdoor passwords are no longer the active passwords.

Alternatively, if you do not know the 'backdoor' passwords then you can use the procedure that I posted to change the level 1 and level 2 PDT passwords so that they are no longer the default 'backdoor' passwords.

I would not recommend any other methods.

I will offer my caution again: PDT IS DANGEROUS PLACE. IF YOU MESS UP THEN YOU CAN SERIOUSLY SCREW UP A SWITCH AND NORTEL WILL BE THE ONLY PEOPLE WHO CAN REPAIR IT. NORTEL WILL NOT TAKE KINDLY TO THE FACT THAT UNQUALIFIED AND UNAUTHORISED PEOPLE WERE MESSING WITH PDT. THE PDT LOGIN SHOULD REALLY FLASH THE MESSAGE "WARNING: HERE THERE BE DRAGONS!"


SD

Rachelle

How about on Large Systems?

I believe that you have that information.... I know cause I sent it to you several months ago!


SD

Rachelle

As usual, SD is right. I turned a few more pages and their it is. OOPS!


rlc

TelcoHo

I just checked an 11, 61, and 81 using one of the backdoor passwords that I was talking about. There is no "passwd" command. I get an error entering it and it doesn't show up in the available list of commands in the help list either.

That's what I mean. I don't think that they're 'normal' accounts -- that can be changed. Rumor has it that Nortel put them in for their engineers to use for access. That way they can get into PDT and grab the encrypted passwords from memory and decrypt them without having the 'real' passwords. ...rather than having to go through the reset procedure that you laid out.

I was just curious if there was any known way to remove those for security purposes as it's a pretty serious hole.


just curious,
Will

I just checked my library of illicit Nortel lore and "passwd" is the correct command. Perchance your packdoor password is not the correct level to allow you to make the change. Or perchance you mistyped it somehow for I know that unix is finnicky that way and I believe that it must all be lower case. Alternatively, you might not have the patch that allows the change - this depends on software version.

I will look further for more explicit instructions that the ones at which I am currently looking. Meanwhile, you might want to take a gander at the PDF bulletin that I will post here. Nortel notes that if you change the default PDT passwords that there are certain, err, side-effects.


SD

TelcoHo

Thanks for posting that bulletin SD. At least at the time the bulletin was released, there were no known "security incidents" resulting from those passwords being posted. It seems like there would be a lot of that going on, enough to warrant concern anyways. Ah well, at least there's the extra layer of security with the seb's. Someone would have to get past that to get into the pbx.


thanks again for sharing that info,
Will