WaPo writes about vulnerabilities in Supermicro IPMIs
Jay Ashworth
jra at baylink.com
Fri Aug 16 03:43:05 UTC 2013
----- Original Message -----
> From: "Andrew Jones" <aj at jonesy.com.au>
> > Well, *I* would firewall eth1 from eth0 and cross-over eth1 to the ILO jack;
> > let the box be the firewall. Sure, it's still as breakable as the box
> > proper, but security-by-obscurity isn't *bad*, it's just *not good
> > enough*.
>
> That's great until you muck up your firewall config or the kernel
> hangs etc. and you're up for a trip to the data centre.
Sure. But if you can reduce 1% to 1% of 1%, then you've still done something
useful.
Cheers,
-- jra
--
Jay R. Ashworth Baylink jra at baylink.com
Designer The Things I Think RFC 2100
Ashworth & Associates http://baylink.pitas.com 2000 Land Rover DII
St Petersburg FL USA #natog +1 727 647 1274
More information about the NANOG
mailing list