DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 16th August 2013
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,135
Thanked 182 Times in 149 Posts
Default “Bloodsucking leech” puts 100,000 servers at risk of potent attacks

From http://arstechnica.com/security/2013...erils-servers/

Quote:
At least 100,000 Internet-connected servers sold by Dell, HP, and other large manufacturers contain hardware that is vulnerable to potent remote hack attacks that steal passwords and install malware on their host systems, researchers said.

The threat stems from baseboard management controllers that are embedded onto the motherboards of most servers. Widely known as BMCs, the microcontrollers allow administrators to monitor the physical status of large fleets of servers, including their temperatures, disk and memory performance, and fan speeds. But serious design flaws in the underlying intelligent platform management interface, or IPMI, make BMCs highly susceptible to hacks that can cascade throughout a network, according to a paper presented at this week's Usenix Workshop on Offensive Technologies.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Dual boot with Windows 8: Fast Startup puts data at risk J65nko News 0 14th January 2013 05:31 PM
dying battery always blinks .. is it a risk ? daemonfowl General Hardware 11 25th July 2012 12:13 PM
Security Google Chrome fixes seven high-risk vulnerabilities J65nko News 1 6th April 2012 11:58 PM
Security Chrome 17 update fixes high-risk vulnerabilities J65nko News 0 23rd March 2012 01:47 AM
X as a security risk .. how wnd when ? daemonfowl OpenBSD Security 3 20th February 2012 11:05 PM


All times are GMT. The time now is 03:30 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick