IPMI is an iDRAC management interface that allows users to monitor and configure iDRAC. The IPMI protocol has inherent security concerns that potentially allow malicious actors to discover user credentials resulting in unauthorized actions being performed. If IPMI over LAN is not required, Dell Technologies recommends disabling this service. If IPMI over LAN is required, below are recommendations for how to configure the service as securely as possible.
Segment IPMI traffic (UDP and stateless) from the rest of the network.
Do not allow IPMI traffic from outside the network.
If using IPMI 1.5-capable BMCs, use ACLs and strict source routing to help ensure that the IPMI traffic is secure. IPMI 2.0 uses stronger encryption than IPMI 1.5.
Disable Cipher 0 - Cipher 0 is an option that is usually enabled by default that can allow authentication to be bypassed. Disabling Cipher 0 can prevent attackers from bypassing authentication and sending arbitrary IPMI commands.
Les données de cette rubrique ne sont pas disponibles
Veuillez attribuer une note (1 à 5 étoiles).
Veuillez attribuer une note (1 à 5 étoiles).
Veuillez attribuer une note (1 à 5 étoiles).
Veuillez indiquer si l’article a été utile ou non.
Les commentaires ne doivent pas contenir les caractères spéciaux : <>()\