The BMC has direct access to the motherboard of its host system. The difference between a BMC and say, a printer, is what you get access to once it has been successfully compromised. Like many embedded devices, they tend to respond slowly to tests and have a few non-standard network services in addition to web-based management. High Value TargetsīMCs are often under appreciated and overlooked during security audits. A diagram of the how the BMC interfaces with the system is shown below (CC-SA-3.0 (C) U. The primary goal of Dan Farmer's research was on the security of the IPMI network protocol that uses UDP port 623. This specification is managed by Intel and currently comes in two flavors, version 1.5 and version 2.0. The Intelligent Platform Management Interface (IPMI) is a collection of specifications that define communication protocols for talking both across a local bus as well as the network. Nearly all servers and workstations ship with or support some form of BMC. In addition to being built-in to various motherboards, BMCs are also sold as pluggable modules and PCI cards. Network access is obtained either via 'sideband' access to an existing network card or through a dedicated interface. BMCs are often implemented as embedded ARM systems, running Linux and connected directly to the southbridge of the host system's motherboard. These products are sold under many brand names, including HP iLO, Dell DRAC, Sun ILOM, Fujitsu iRMC, IBM IMM, and Supermicro IPMI. BMCs and the IPMI Protocolīaseboard Management Controllers (BMCs) are a type of embedded computer used to provide out-of-band monitoring for desktops and servers. Dan has also put together an excellent best practices document that is a must-read for anyone working on the remediation side. If you are looking for a quick overview of the issues discussed in this post, please review the FAQ. This post goes into detail on how to identify and test for each of the issues that Dan identified, using a handful of free security tools. Over the last year, Dan has identified some serious security issues with the Intelligent Platform Management Interface (IPMI) protocol and the Baseboard Management Controllers (BMCs) that speak it. Last updated at Tue, 13:35:08 GMT Introductionĭan Farmer is known for his groundbreaking work on security tools and processes.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |