We can hack your server even when it’s switched off!

http://itsecuritypro.co.uk/2012/06/14/we-can-hack-your-server-even-when-its-switched-off/

Oh please. While I’d imagine there are some admins who don’t realise their servers are at risk, I’d imagine there are many who are fully aware of the advantages and disadvantages of IPMI.

I’d start off by asking how any network port is “accidentally” accessible on the internet (or indeed any network)? The couple of IPMI cards I’ve worked with default to some private IP address, so even if they’re on they are unlikely to be accessible. Secondly, I bet a lot of admins deliberately make them only LAN accessible, which comes to a major advantage: when a server is a 5 hour drive away, being able to restart the server in minutes (thereby avoiding costly time + transport issues) is massively useful, compared to the potential of someone on our LAN accidentally stumbling on (and actually being able to use) an IPMI card.

Of course it’s a risk (the only non remotely-hackable PC is one that’s turned off and has no cables attached), but describing IPMI as “an electronic accident waiting to happen” smacks of scaremongering.
