Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Many servers expose insecure out-of-band management interfaces to the Internet

Lucian Constantin | June 9, 2014
Many servers expose insecure management interfaces to the Internet through microcontrollers embedded into the motherboard that run independently of the main OS and provide monitoring and administration functions.

Farmer's paper includes some recommendations for server administrators on how to mitigate some of the identified issues and better secure their BMCs, but the researcher concludes that ultimately the problem of insecure IPMI implementations will linger on for a long time.

"Many of these problems would have been easy to fix if the IPMI protocol had undergone a serious security review or if the developers of modern BMCs had spent a little more effort in hardening their products and giving their customers the tools to secure their servers," Farmer said. "At this point, it is far too late to effect meaningful change. The sheer number of servers that include a vulnerable BMC will guarantee that IPMI vulnerabilities and insecure configurations will continue to be a problem for years to come."

 

Previous Page  1  2  3 

Sign up for Computerworld eNewsletters.