If you use the remote management IPMI 2.0 for server configuration, be careful. There is a vulnerability, which can compromise security of your servers
The remote console management is currently a widely used alternative to a personal visit of data centers. You can configure your or dedicated server Supermicro comfortably from your home. However, there is the high vulnerability, which may caused a misusage of important information due to the RAKP support. Unfortunately, it has not found a reliable fix or update yet, which can remove this vulnerability. What suppose to do?
Recommendation:
- Disable IPMI via LAN
- Use very strong passwords to minimalize very successful dictionary attacks
- Use ACL (access control list) or Coolhousing VPN as separate network
Similar vulnerability could be related to iLO, DRAC and other remote management types, therefore please do not underestimate the security of your servers in our data center and get secure and reliable Coolhousing VPN connection.
Coolhousing team
