Re: Security Issues with Wake on Lan (WOL)

[Russell Fulton <r.fulton () auckland ac nz>]

On Tue, 2004-11-02 at 10:46, Valdis.Kletnieks () vt edu wrote:

> Another issue - if an attacker can power up an unpatched or misconfigured or
> otherwise vulnerable machine, they can then do what they want to it all
> night.....

true, however the flip side is that you can use WOL to do automated
patching of desktops in the small hours so hopefully less of your
machines are vulnerable.  Yet another illustration of the axiom that
there are no global right or wrong answers in security.  Everything is a
balancing act dependent on lots of local circumstances.

This leads to another unintended consequence.  To disable (for whatever
reason) such a system it is not enough to just power it off, you have to
unplug it from the network too!
-- 
Russell Fulton, Information Security Officer, The University of Auckland
New Zealand