Dell OMI (Open Manage Instrumentation)

[nemo55 () hushmail com]

First there was the Compaq 2301 hack...

I wonder if anyone has found any security holes in the DELL Open Manage 
Client.  We are a large DELL shop with many 95/98/NT/W2K machines that 
have the DELL OMI client installed.  There are several  UDP/TCP  ports open 
at all times:

The ports and associated pgms are:
1037  tcp  win32sl.exe
1039  tcp win32sl.exe

1026  udp  dnar.exe
1038  udp  win32sl.exe

Visiting the DELL web site shows a remote cmd program by the name of  actionagent.exe

(http://docs.us.dell.com/docs/software/omci60/en/ug/comp.htm)

Since I did not find that pgm opening any ports on our NT servers, I 
think (guess or hope ?) that no remote attack is possible.

But since the example of the COMPAQ 2301 hack - I wonder if  there is 
still a hack waiting to be found in the DELL OMI client.

anyone ?

thanks


Free, encrypted, secure Web-based email at www.hushmail.com