154 | Security Checklist
Network Discovery
Step 3 Eliminate known account names “admin” “itmanager”, “itemployee”,
and “demo.”
Create a new Admin account for the Network Discovery Administrator.
(optional) Create a new Demo account for training users.
Log into the new Admin account.
Delete the accounts named “admin”, “itmanager”, “itemployee”, and
“demo.”
These are documented account names, known to:
users at your site
existing and prospective Network Discovery customers
Anyone who knows the default account names may be able to gain access
to your Peregrine appliance more easily, even if you have changed the
passwords for the accounts.
There is information about accounts in Chapter 10, Setting up Accounts on
page 123.
Step 4 Go to the Event filter configuration menu and modify the
“email-admin-line” and “email-admin-device” filters.
You must direct e-mail from “admin” to the new account for the Network
Discovery Administrator.
If you don’t want to delete the accounts, at least change the password for the
“admin” account.
“password” is a documented account password, known to:
anyone at your site with access to Network Discovery documentation
existing and prospective Network Discovery customers
Anyone who knows the default password for the “admin” account may be able
to gain top-level access to your Peregrine appliance.