Wednesday, June 25, 2014

Warning about IPMI

The Intelligent Platform Management Interface (IPMI) is a remote management system included in many server systems. Several recent vulnerabilities in IPMI systems have been found to be remotely exploitable. It is highly recommended that any systems with IPMI be configured to not allowed access from the general internet, either by configuring a private network, or blocking access with a firewall. US-CERT recently published an alert on this as well:
http://www.us-cert.gov/ncas/alerts/TA13-207A