Dan Farmer Presents Research on IPMI Vulnerabilities

IPMI runs regardless of the underlying operating system and operates on UDP port 623 through a server’s network port or its own Ethernet port. It runs continuously, Farmer said, unless the plug is literally pulled. Moore’s scan pulled up 230,000 responses over port 623, an admittedly tiny slice of the overall number of implementations. Yet Farmer concludes that 90 percent of BMCs running IPMI could be compromised because of default or weak passwords or weaknesses in the protocol, not only implicating the host server but others in the same management group because, as he discovered, some vendors share common passwords.

via Dan Farmer Presents Research on IPMI Vulnerabilities | Threatpost | The first stop for security news.

BMC = Baseboard Management Controller, a separate microcontroller on the motherboard that manages the host out of band, which is why it keeps answering on UDP 623 whatever state the operating system is in. This isn't the first article to point out vulnerabilities in IPMI. The standing advice is that IPMI should live on its own isolated management network and never be reachable from the public internet; putting another layer in front of the interface (a VPN or bastion host, with the default credentials changed) mitigates most of the problems above. IPMI is hardly less secure than SNMP with a default community string, which has been exposed in exactly the same way for years.

oVirt 3.4 Release Notes

oVirt is an open source alternative to VMware vSphere, and provides an excellent KVM management interface for multi-node virtualization.

To find out more about features which were added in previous oVirt releases, check out the oVirt 3.3 release notes, oVirt 3.2 release notes and oVirt 3.1 release notes. For a general overview of oVirt, read the oVirt 3.0 feature guide and the about oVirt page.

via oVirt 3.4 Release Notes.

GSMA Creates Remotely Managed SIM For M2M Applications

To fix this issue, the GSMA has developed a non-removable SIM that can be embedded in a device for the duration of its life, and remotely assigned to a network. This information can be subsequently modified over-the-air, as many times as necessary.

The GSMA says its new SIM can reduce ongoing operational and logistical costs. Replacing one SIM is not going to break the bank, but replacing a few million could make a dent in any budget, it reckons.

via GSMA Creates Remotely Managed SIM For M2M Applications.

TR-069: Still Sexy After All These Years

Today, a quarter of all broadband lines on the planet are managed by TR-069 and its management of devices has been expanded in line with changes in the type of devices needing to be managed (many devices can be managed from gateways to VoIP devices to set-top boxes). And the complexity you now see in the connected home environment in terms of technology (and the protocols used) is just not an issue for the continually evolving TR-069, as non-TR-069 devices can be proxy managed.

via TR-069: Still Sexy After All These Years | Light Reading.

Critical NETGEAR ReadyNAS Frontview security vulnerability

Frontview is the ReadyNAS web management interface; the vulnerability allows command injection and fails to validate or sanitize user input and can be triggered without authentication, Young said.

“The consequence is that an unauthenticated HTTP request can inject arbitrary Perl code to run on the server,” Young wrote on the Tripwire blog. “Naturally, this includes the ability to execute commands on the ReadyNAS embedded Linux in the context of the Apache web server.”

via Critical NETGEAR ReadyNAS Frontview security vulnerability | Threatpost | The First Stop For Security News.
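Neither Tripwire's write-up nor the Threatpost summary above shows the vulnerable Frontview code, so what follows is an added illustration of the bug class, not ReadyNAS or NETGEAR code: a request parameter is spliced into a string that is then evaluated (Perl's string `eval` in Frontview's case; Python's `eval` stands in for it here), beside a handler that checks authentication first and validates the parameter against an allowlist without ever evaluating it. The share table, the `sort` parameter and the payload are all constructed for the example.

```python
"""Perl-style string eval of a request parameter, next to the hardened equivalent.

Added example; the share table, parameter names and payload are constructed here
and are not ReadyNAS code or data."""
import os
import re
from typing import Dict, List

# Constructed table standing in for whatever Frontview lists.
SHARES: List[Dict[str, object]] = [
    {"name": "media", "size": 2048},
    {"name": "backup", "size": 512},
    {"name": "home", "size": 128},
]

ALLOWED_SORT_FIELDS = {"name", "size"}


def vulnerable_sort(items, sort_field: str):
    """The bug class: user text becomes part of the program and is evaluated.

    Perl's eval "..." on a string built from a CGI parameter is the same mistake;
    Python's eval plays that role here."""
    code = f"sorted(ITEMS, key=lambda r: r['{sort_field}'])"
    return eval(code, {"ITEMS": items})  # attacker text is now source code


def hardened_sort(items, sort_field: str):
    """Validate against an allowlist; the parameter never reaches an evaluator."""
    if not re.fullmatch(r"[a-z]{1,16}", sort_field) or sort_field not in ALLOWED_SORT_FIELDS:
        raise ValueError(f"rejected sort field: {sort_field!r}")
    return sorted(items, key=lambda r: r[sort_field])


def handle_request(params: Dict[str, str], authenticated: bool, use_fix: bool = True):
    """Simulated handler. The real bug needed no login at all, so the fixed path
    rejects unauthenticated callers before it looks at any parameter."""
    if use_fix and not authenticated:
        return 401, "authentication required"
    sort_field = params.get("sort", "name")
    try:
        rows = (hardened_sort if use_fix else vulnerable_sort)(SHARES, sort_field)
    except ValueError as exc:
        return 400, str(exc)
    return 200, rows


# Payload shaped so the generated code stays syntactically valid: it closes the
# original expression, runs attacker-chosen code, then supplies a harmless tail
# that re-opens a bracket for the template's trailing "'])".
INJECTION = "name']) and __import__('os').environ.update(INJECTED='1') or (['pwned"


def injection_marker_set() -> bool:
    """True once the injected os call has executed in this process."""
    return os.environ.get("INJECTED") == "1"


if __name__ == "__main__":
    print(handle_request({"sort": INJECTION}, authenticated=False, use_fix=False))
    print("injected code ran:", injection_marker_set())
    print(handle_request({"sort": INJECTION}, authenticated=False))
    print(handle_request({"sort": INJECTION}, authenticated=True))
    print(handle_request({"sort": "size"}, authenticated=True))
```

The vulnerable path returns a 200 with attacker-controlled rows and, as a side effect, has already run the injected `os` call in the web server's process, which is exactly the "arbitrary Perl code in the context of the Apache web server" outcome described above. Sanitizing by escaping quotes is not the fix; not building code from input is.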

“Bloodsucking leech” puts 100,000 servers at risk of potent attacks

The threat stems from baseboard management controllers that are embedded onto the motherboards of most servers. Widely known as BMCs, the microcontrollers allow administrators to monitor the physical status of large fleets of servers, including their temperatures, disk and memory performance, and fan speeds. But serious design flaws in the underlying intelligent platform management interface, or IPMI, make BMCs highly susceptible to hacks that can cascade throughout a network, according to a paper presented at this week’s Usenix Workshop on Offensive Technologies.

via “Bloodsucking leech” puts 100,000 servers at risk of potent attacks | Ars Technica.
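Both IPMI posts on this page (Farmer's talk, above, and the WOOT paper quoted here) rest on the same fact: a BMC answers on UDP 623 regardless of what the host operating system is doing. The following is an added example, not code from either article or from the researchers, of the RMCP/ASF Presence Ping that tools such as FreeIPMI's ipmiping send to discover BMCs, together with a decoder for the Presence Pong fields that announce IPMI support. `SAMPLE_PONG` is constructed for the parser, not captured from a device; pointing `probe()` at a host from outside your management network is a quick test of whether the isolation advice above actually holds.

```python
"""RMCP/ASF Presence Ping and Pong on UDP 623 (IPMI v2.0 spec, section 13.2.3).

Added example; SAMPLE_PONG is constructed, not captured from a real BMC."""
import socket
import struct
from typing import Optional

RMCP_PORT = 623
RMCP_VERSION = 0x06        # ASF RMCP 1.0
RMCP_CLASS_ASF = 0x06
ASF_IANA = 0x000011BE      # IANA enterprise number used by ASF messages
ASF_PRESENCE_PING = 0x80
ASF_PRESENCE_PONG = 0x40


def build_presence_ping(tag: int = 0x01) -> bytes:
    """RMCP header followed by an ASF Presence Ping with no payload."""
    # version, reserved, sequence 0xFF (no RMCP ACK requested), message class ASF
    rmcp = struct.pack(">BBBB", RMCP_VERSION, 0x00, 0xFF, RMCP_CLASS_ASF)
    # IANA enterprise number, message type, message tag, reserved, data length 0
    asf = struct.pack(">IBBBB", ASF_IANA, ASF_PRESENCE_PING, tag & 0xFF, 0x00, 0x00)
    return rmcp + asf


def parse_presence_pong(pkt: bytes) -> Optional[dict]:
    """Decode a Presence Pong; returns None if the datagram is not one."""
    if len(pkt) < 28:
        return None
    version, _, _, cls = struct.unpack_from(">BBBB", pkt, 0)
    if version != RMCP_VERSION or cls != RMCP_CLASS_ASF:
        return None
    iana, mtype, tag, _, dlen = struct.unpack_from(">IBBBB", pkt, 4)
    if iana != ASF_IANA or mtype != ASF_PRESENCE_PONG or dlen != 16:
        return None
    # Pong data: OEM IANA, OEM defined, supported entities, supported interactions,
    # then six reserved bytes.
    oem_iana, oem_defined, entities, interactions = struct.unpack_from(">IIBB", pkt, 12)
    return {
        "tag": tag,
        "oem_iana": oem_iana,
        "oem_defined": oem_defined,
        "ipmi_supported": bool(entities & 0x80),       # bit 7: IPMI supported
        "asf_version": entities & 0x0F,                # bits 3:0: ASF version (1 = ASF 1.0)
        "rmcp_security_ext": bool(interactions & 0x80),  # bit 7: RMCP security extensions
        "dash_supported": bool(interactions & 0x40),     # bit 6: DMTF DASH
    }


def probe(host: str, timeout: float = 2.0) -> Optional[dict]:
    """Send one ping to host:623 and decode the reply, if any (needs network access)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_presence_ping(), (host, RMCP_PORT))
        try:
            data, _ = sock.recvfrom(512)
        except socket.timeout:
            return None
    return parse_presence_pong(data)


# Constructed reply: tag 1, 16 data bytes, entities 0x81 = IPMI supported + ASF 1.0.
SAMPLE_PONG = (
    bytes([RMCP_VERSION, 0x00, 0xFF, RMCP_CLASS_ASF])
    + struct.pack(">IBBBB", ASF_IANA, ASF_PRESENCE_PONG, 0x01, 0x00, 0x10)
    + struct.pack(">IIBB", ASF_IANA, 0x00000000, 0x81, 0x00)
    + b"\x00" * 6
)

if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        print(probe(sys.argv[1]))        # e.g. python rmcp_ping.py 192.0.2.10
    else:
        print(parse_presence_pong(SAMPLE_PONG))
```

A pong with `ipmi_supported` set from an address outside the management VLAN means the BMC is reachable before any password is ever tried, which is the exposure the scan in the article was counting.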

Why Netflix is one of the most important cloud computing companies

The chief architect behind Netflix’s cloud and OSS strategy is Adrian Cockcroft, a former distinguished engineer at eBay and Sun, who says Netflix has many agendas in developing OSS. For one, it’s working to establish Netflix’s process as a best practice way of operating in the public cloud. Doing so allows the company to benefit from the knowledge of the broader open source community who recommend improvements. Furthermore, it helps Netflix hire and retain top engineering talent all while building up the company’s technology brand.

via Why Netflix is one of the most important cloud computing companies – Network World.

The Leading Open Source Data Center Automation and Configuration Management Tool

Puppet Labs’ IT automation software enables system administrators to deliver the operational agility and efficiency of cloud computing at enterprise-class service levels, scaling from handfuls of nodes on-premise to tens of thousands in the cloud. Puppet powers thousands of companies, including Twitter, Yelp, eBay, Zynga, JP Morgan Chase, Bank of America, Google, Disney, Citrix, Oracle, and Viacom.

via Puppet Labs: The Leading Open Source Data Center Automation and Configuration Management Tool | Puppet Labs.