Re: WaPo writes about vulnerabilities in Supermicro IPMIs

[Charles N Wyble <charles-lists () knownelement com>]

If you are OK with USB ether net for one interface,  check out the tplink wr703n. Its powered via USB, has a USB and 
rj45 jack. Runs OpenWrt. 

Leo Bicknell <bicknell () ufp org> wrote:
> On Aug 15, 2013, at 9:18 PM, Brandon Martin <lists.nanog () monmotha net>
> wrote:
>
> > As to why people wouldn't put them behind dedicated firewalls,
> imagine something like a single-server colo scenario. 
>
> I have asked about this on other lists, but I'll ask here.
>
> Does anyone know of a small (think Raspberry Pi sized) device that is:
>
>  1) USB powered.
>  2) Has two ethernet ports.
>  3) Runs some sort of standard open source OS?
>
> You might already see where I'm going with this, a small 2-port
> firewall device sitting in front of IPMI, and powered off the USB bus
> of the server.  That way another RU isn't required.  Making it fit in
> an expansion card slot and using an internal USB header might be
> interesting too, so from the outside it wasn't obvious what it was.
>
> I would actually like to see the thing only respond on the USB side,
> power + console, enabling consoling in and changing L2 firewall rules. 
> No IP stack on it what so ever.  That would be highly secure and
> simple.
>
> -- 
>       Leo Bicknell - bicknell () ufp org - CCIE 3440
>        PGP keys at http://www.ufp.org/~bicknell/

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.