LowEndTalk

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Shells Virtual Desktop

BMail.ag - Secure Email Service

Server.net

CPLicense.net

VPS Server

Buy VPN

Vultr

VMs for AI

HostDare

ReliableSite White-Label Dedicated Hosting for Resellers

InterServer VPS

BMail.ag - Secure Email Service

Best VPN

High-Performance Bare Metal Server Solutions

Karvl.com

Server Mania Cloud Hosting

DataWagon Hosting

AlphaVPS Hosting

Evoxt.com

Clouvider

VPS Hosting with NVMe

Residential IPs in the US & 4G Mobile Proxies in EU & US with Unlimited Bandwidth

ReliableSite White-Label Dedicated Hosting for Resellers

Rabisu - Hosting Solutions

Shells Virtual Desktop

Categories

In this Discussion

July 2013 finlandvps

New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Gaping Security Holes In IPMI Protocol

DomainBop

DomainBop Member

July 2013 in General

new security holes in IPMI and BMC's

A widely deployed protocol and controller used in servers and workstations both contain serious vulnerabilities that in effect give attackers near-physical access to the machines, a pair of renowned researchers said today.

http://www.darkreading.com/management/new-gaping-security-holes-found-exposing/240157724?cid=NL_DR_Daily_240157724

more details: A Penetration Tester's Guide to IPMI and BMCs
https://community.rapid7.com/community/metasploit/blog/2013/06/23/a-penetration-testers-guide-to-ipmi

Comments

finlandvps Member

July 2013

I run the IPMI / BMC interface in a private VLAN, private network, only accessible via VPN.

I suggest others start doing this as well.

or Register to comment.

2008-2025 © LowEndBox & LowEndTalk. Privacy Policy. Powered by Vanilla.

Back to Top | LowEndTalk | LowEndBox | Dark Theme Config | Advertise