Skip to main content
Start a Conversation

Unsolved

This post is more than 5 years old

Kiwi FIsh

1 Message

5345

June 22nd, 2005 21:00

DRAC 4 Security

Hi,
Can anyone help me?
I look after more than 2 separate networks, they are not connected and I cannot connect them via a firewall etc. for security reasons.
I want to connect to servers in one network by using the DRAC card. I know I can connect the DRAC directly to the network where I normally work and assign it an IP number etc.
However what are the security implications of doing this? I have asked Dell, but they were not very helpful, which is unusual! Could some compromise a server and then use the DRAC card to access the network it is connected to?
 
Thanks for any help or advice.
 
-Nigel

ePatrick

116 Posts

June 29th, 2005 06:00

The default RAC username/password are root/calvin, if you configure a DRAC and don't change this, technically any user with access to that subnet could login and shutdown your servers - they could also access the VNC function (console redirect) and take direct control of the server, if its logged off thats fine presuming your own internal security is good, if for some reason it is logged on with a priviledged account, well I will leave that to your imagination.
 
Of course, this password can be changed and it will also allow you to logon to the DRAC console with either an allowed domain account, or an allowed local user account.
 
So ultimately, provided that password is changed, DRAC is just as secure as having a server with terminal services remote management enabled and accessible.
 
I hope this helps.

DPYeilding

80 Posts

September 27th, 2006 20:00

the DRAC root password is usually common knowledge so should be changed. Here are the instructions below.

On your Windows XP notebook or desktop that has the ability to access the DRAC's you need to download and install the RAC console from the IT Assistant software.

Download: http://ftp.us.dell.com/sysman/MgmtStat-WIN-4.5_A00.exe

Extract the file and double-click on the setup.exe file in the windows directory. It will perform a pre-requisite check. Some items may fail the check, just ignore and choose to continue. Choose a customer installation and select the RAC Management Station. Make sure all other items are de-selectd and choose next. After the installation is complete you can bring up a command prompt from your XP notebook and use the RACADM command to change the passwords.

Here is an example of the syntax you will type. My RAC IP Address is 192.168.1.1, my username is root and my password is calvin. I am changing my password to password.

C:\>racadm -u root -p calvin -r 192.168.1.1 config -g cfgUserAdmin -o cfgUserAdminPassword -i 1 password

Was this post helpful?

View All

No Events found!

Top