Many servers expose insecure out-of-band management interfaces to the Internet

Pro
(Source: Stockfresh)

9 June 2014

The analysis showed that 83% of the identified BMCs were vulnerable to this issue and a test with John the Ripper, a brute-force password guessing application, using a modest 4.7 million-word dictionary successfully cracked password hashes obtained from 30% of the BMCs.

“Of course numerous past studies have shown the effectiveness of what a serious attacker can do, and with orders of magnitudes faster speeds than I could muster on my consumer grade iMac,” Farmer said. “I’d say that even a well-chosen non-dictionary based password of a dozen characters or less is suspect.”

Farmer calculated that between 72.8 and 92.5%, depending on password cracking success rate, of BMCs running IPMI 2.0 had authentication issues and were vulnerable to unauthorised access.

“While a quarter of a million BMCs is only a tiny sliver of the total computing power in the world, it’s still an important indicator as a kind of canary in the coalmine,” because BMCs that are behind corporate firewalls share the same issues, Farmer said. “While management systems are often not directly assailable from the outside they’re often left open once the outer thin hard candy shell of an organisation is breached.”

Analysis showed that 83% of the identified BMCs were vulnerable to this issue

Farmer’s paper includes some recommendations for server administrators on how to mitigate some of the identified issues and better secure their BMCs, but the researcher concludes that ultimately the problem of insecure IPMI implementations will linger on for a long time.

“Many of these problems would have been easy to fix if the IPMI protocol had undergone a serious security review or if the developers of modern BMCs had spent a little more effort in hardening their products and giving their customers the tools to secure their servers,” Farmer said. “At this point, it is far too late to effect meaningful change. The sheer number of servers that include a vulnerable BMC will guarantee that IPMI vulnerabilities and insecure configurations will continue to be a problem for years to come.”

 

 

Lucian Constantin, IDG News Service

Read More:


Back to Top ↑

TechCentral.ie