WaPo writes about vulnerabilities in Supermicro IPMIs

Jay Ashworth jra at baylink.com
Fri Aug 16 03:43:05 UTC 2013


----- Original Message -----
> From: "Andrew Jones" <aj at jonesy.com.au>

> > Well, *I* would firewall eth1 from eth0 and cross-over eth1 to the ILO jack;
> > let the box be the firewall. Sure, it's still as breakable as the box
> > proper, but security-by-obscurity isn't *bad*, it's just *not good
> > enough*.
> 
> That's great until you muck up your firewall config or the kernel
> hangs etc. and you're up for a trip to the data centre.

Sure.  But if you can reduce 1% to 1% of 1%, then you've still done something
useful.

Cheers,
-- jra
-- 
Jay R. Ashworth                  Baylink                       jra at baylink.com
Designer                     The Things I Think                       RFC 2100
Ashworth & Associates     http://baylink.pitas.com         2000 Land Rover DII
St Petersburg FL USA               #natog                      +1 727 647 1274



More information about the NANOG mailing list