New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
Why would IPMI be on a public facing ip in the first place?
From Wikipedia:
The Intelligent Platform Management Interface (IPMI) is a standardized computer system interface used by system administrators for out-of-band management of computer systems and monitoring of their operation. It is a way to manage a computer that may be powered off or otherwise unresponsive by using a network connection to the hardware rather than to an operating system or login shell.
http://en.wikipedia.org/wiki/Intelligent_Platform_Management_Interface
I have a dynamic IP, I use multiple ISPs. Using VPN's makes IPMI unusable due to lag, hence I did not do a IP whitelist. Someone came to know of my IPMI IP, I did not share it publicly.
So making jump box is out of the question? Set up a >$20/year vps that runs only ssh and nothing else and only allow connection from that box. It is not that difficult to port scan random ip ranges to find vulnerable services automatically and destroy them for the lulz...people do it all the time...It is very very sad but happens all the time.
I did that using a DO VPS running x2go on it, but only for mounting ISO images. KVM-over-IP is already so latency sensitive. I tried using it through a VPS but it was unusable.
I understand...But IPMI on a public facing ip is never an option... No IPMI at all is better than a public facing one...What's done is done but that was negligence.
All I can say is I accept my fault here.
Can you post which hardware you used? and how much paid monthly? Just interested
PMed.
Thank you very much
I'm really sad to hear this, @dhamaniasad.
Are you sure there is no recovering data etc? I can help if required.
I left Gadgedz for many personal reasons a few weeks ago, and thought he'd be able to continue without me...
Uncalled for. Also, who did I deface? O.o
Also waiting for evidence of this in support. If you can back it up then let's hear it.
It seems that many here feel sorry for poor @dhamaniasad but I am going to agree with @Ian_
I provided enough evidence of the contrary on that thread. We had no reason to deface his website. I merely noticed it, and posted it. Now please tell me if I started a thread about the recent Kickstarter hacking then I would be held responsible for it?
I am not saying whether you did or did not, I would just like to see evidence to back up what @c0y claims. Or is he just trolling? Don't know.
I know this doesn't help your situation; however may be helpful in the future or for others.
IPMI should always be through VPN on private IP address, PFSense can be used easily for this purpose. If you have latency issue, you can set up a VPS/Server local to the network and control on a remote desktop.
If an IP is connected to the Internet and responding on any port, consider it shared publicly.
You're incredibly lucky you made it this long . . .
@dhamaniasad Be strong brother.
Thankfully some providers are implementing IPMI Firewalls to help protect their customers by default. This can be setup in the IPMI Device, but an external firewall helps to be an extra shield/layer of protection to all these mentioned vulnerabilities that exist.
For everyone on our KVM plans who was affected by this, we've made a deal with @fapvps to make sure you get to continue your services with another provider for the same prices. :
>
>
>
>
>
>
>
>
>
>
Awesome thank you! I hope I will get my VPS soon
oh another deadpool provider
No free VPS all the time?
Uhmm , No backups?
Backups are the responsibility of customer, even if the host says they maintain backups.
Okay thank you.