GoFuckYourself.com - Adult Webmaster Forum - View Single Post - Supermicro IPMI exploit

TidalWave · 06-26-2014, 03:24 AM

Here is a detailed explanation and tips: http://blog.quadranet.com/supermicro...in-plain-text/

They are nullrouting temporarily and also filtering the effected port at their border routers to limit the effect as best as possible.
Users (idiots) all over the Internet however have had their hard drives WIPED, DATA STOLEN, and more however. I know first hand people who have had multiple servers wiped (and who knows what else with the data before being wiped), all because they wanted and whined about having their IPMI on public IP addresses.

The real solution is upgrading your firmware AND moving IPMI _OFF_ public access internet.
Only newbs want their IPMI on public, and only newb companys dont have a VPN tunnel service to the IPMI so its fully secure.

06-26-2014, 03:24 AM
TidalWave Confirmed User Industry Role: Join Date: Sep 2007 Location: Los Angeles Posts: 2,706	Here is a detailed explanation and tips: http://blog.quadranet.com/supermicro...in-plain-text/ They are nullrouting temporarily and also filtering the effected port at their border routers to limit the effect as best as possible. Users (idiots) all over the Internet however have had their hard drives WIPED, DATA STOLEN, and more however. I know first hand people who have had multiple servers wiped (and who knows what else with the data before being wiped), all because they wanted and whined about having their IPMI on public IP addresses. The real solution is upgrading your firmware AND moving IPMI _OFF_ public access internet. Only newbs want their IPMI on public, and only newb companys dont have a VPN tunnel service to the IPMI so its fully secure. Last edited by TidalWave; 06-26-2014 at 03:26 AM..