nanog mailing list archives
Re: ipmi access
From: Christopher Morrow <morrowc.lists () gmail com>
Date: Mon, 2 Jun 2014 12:56:47 -0400
On Mon, Jun 2, 2014 at 12:14 PM, Blake Hudson <blake () ispn net> wrote:
We just reported a bug to Dell regarding their last 2 generations of remote access controllers where the firewall rules only apply to TCP and not to ICMP or UDP. Their first response was to replace the motherboard. Second response was that this is just how they work. Not looking good. We run our IPMI interfaces behind stateless ACLs, accessible from VPN or trusted ranges.
so... as per usual: 1) embedded devices suck rocks 2) no updates or sanity expected anytime soon in same 3) protect yourself, or suffer the consequences seems normal.
Current thread:
- Re: ipmi access, (continued)
- Re: ipmi access Jimmy Hess (Jun 02)
- Re: ipmi access shawn wilson (Jun 02)
- Re: ipmi access Peter Kristolaitis (Jun 02)
- Re: ipmi access charles (Jun 02)
- Re: ipmi access Jeroen Massar (Jun 02)
- Re: ipmi access Jared Mauch (Jun 02)
- Re: ipmi access Randy Bush (Jun 02)
- Re: ipmi access Christopher Morrow (Jun 02)
- Re: ipmi access shawn wilson (Jun 02)
- Re: ipmi access Blake Hudson (Jun 02)
- Re: ipmi access Christopher Morrow (Jun 02)
- Re: ipmi access Nikolay Shopik (Jun 02)
- Re: ipmi access Christopher Morrow (Jun 02)
- Re: ipmi access Jeroen Massar (Jun 02)
- Re: ipmi access Nikolay Shopik (Jun 02)
- Re: ipmi access Brian Rak (Jun 02)
- Re: ipmi access Robert Drake (Jun 04)
- Re: ipmi access Randy Bush (Jun 02)
- Re: ipmi access shawn wilson (Jun 02)
- Re: ipmi access Nikolay Shopik (Jun 02)
- Re: ipmi access shawn wilson (Jun 02)
- Re: ipmi access Brian Rak (Jun 02)