OOB core router connectivity wish list
Steven Bellovin
smb at cs.columbia.edu
Thu Jan 31 20:06:39 UTC 2013
On Jan 9, 2013, at 1:18 PM, Leo Bicknell <bicknell at ufp.org> wrote:
> In a message written on Wed, Jan 09, 2013 at 06:39:28PM +0100, Mikael Abrahamsson wrote:
>> IPMI is exactly what we're going for.
>
> For Vendors that use a "PC" motherboard, IPMI would probably not be
> difficult at all! :)
>
> I think IPMI is a pretty terrible solution though, so if that's your
> target I do think it's a step backwards. Most IPMI cards are prime
> examples of my worries, Linux images years out of date, riddled with
> security holes and universally not trusted. You're going to need a
> "firewall" in front of any such solution to deploy it, so you can't
> really eliminate the extra box I proposed just change its nature.
>
https://www.schneier.com/blog/archives/2013/01/the_eavesdroppi.html
--Steve Bellovin, https://www.cs.columbia.edu/~smb
More information about the NANOG
mailing list