OOB core router connectivity wish list

Steven Bellovin smb at cs.columbia.edu
Thu Jan 31 20:06:39 UTC 2013


On Jan 9, 2013, at 1:18 PM, Leo Bicknell <bicknell at ufp.org> wrote:

> In a message written on Wed, Jan 09, 2013 at 06:39:28PM +0100, Mikael Abrahamsson wrote:
>> IPMI is exactly what we're going for.
> 
> For Vendors that use a "PC" motherboard, IPMI would probably not be
> difficult at all! :)
> 
> I think IPMI is a pretty terrible solution though, so if that's your
> target I do think it's a step backwards.  Most IPMI cards are prime
> examples of my worries, Linux images years out of date, riddled with
> security holes and universally not trusted.  You're going to need a
> "firewall" in front of any such solution to deploy it, so you can't
> really eliminate the extra box I proposed just change its nature.
> 

https://www.schneier.com/blog/archives/2013/01/the_eavesdroppi.html


		--Steve Bellovin, https://www.cs.columbia.edu/~smb








More information about the NANOG mailing list