[160126] in North American Network Operators' Group
Re: OOB core router connectivity wish list
daemon@ATHENA.MIT.EDU (Steven Bellovin)
Thu Jan 31 15:07:00 2013
From: Steven Bellovin <smb@cs.columbia.edu>
In-Reply-To: <20130109181822.GA94721@ussenterprise.ufp.org>
Date: Thu, 31 Jan 2013 15:06:39 -0500
To: Leo Bicknell <bicknell@ufp.org>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Jan 9, 2013, at 1:18 PM, Leo Bicknell <bicknell@ufp.org> wrote:
> In a message written on Wed, Jan 09, 2013 at 06:39:28PM +0100, Mikael =
Abrahamsson wrote:
>> IPMI is exactly what we're going for.
>=20
> For Vendors that use a "PC" motherboard, IPMI would probably not be
> difficult at all! :)
>=20
> I think IPMI is a pretty terrible solution though, so if that's your
> target I do think it's a step backwards. Most IPMI cards are prime
> examples of my worries, Linux images years out of date, riddled with
> security holes and universally not trusted. You're going to need a
> "firewall" in front of any such solution to deploy it, so you can't
> really eliminate the extra box I proposed just change its nature.
>=20
https://www.schneier.com/blog/archives/2013/01/the_eavesdroppi.html
--Steve Bellovin, https://www.cs.columbia.edu/~smb
