The Raritan Blog

US-CERT Warning on BMC & IPMI Security Risks

Richard Dominach
August 12, 2013

The US Computer Emergency Readiness Team (US-CERT) issued an alert (TA13-207A) on IPMI usage on July 26th, with recommendations for IT departments. This is based on the work of Dan Farmer and HD Moore that I summarized in my previous blog on this topic.

The US-CERT alert summarizes many of the risks and issues and provides recommended solutions for administrators. Solutions include: restrict IPMI to internal networks, utilize strong passwords, require authentication, sanitize flash memory at end of life, and identify affected products. A list of BMCs is provided, although this is not a complete list of these devices and the servers utilizing them.

While these solutions are a step in the right direction, they are not sufficient to address all of the security issues listed by Farmer and Moore. For example, IPMI that is restricted to internal networks can still be attacked by viruses or worms that may exist on those networks. And if strong passwords are not enforced by systems, then some passwords may not be strong. Furthermore, authentication should be sufficiently strong, and for government and military organizations, FIPS 140-2 encryption is required along with two-factor authentication (e.g. CAC).

These solutions do not address many of the structural issues with BMCs and IPMI, including direct access to the server’s motherboard, storage of clear text passwords, virtually unlimited server control, and access to the BMC from a compromised server.

IT administrators and security officers should directly consult Farmer’s (fish2.com/ipmi/bp.pdf) and Moore’s* work to understand the specific dangers to their environment and take the appropriate actions. Administrators should follow the security best practices as defined by the server manufacturer and ensure that their servers have the latest BMC firmware, so that the latest security patches are applied. It's a good idea to make sure your security scanner audits these devices for vulnerabilities.

 

*source: https://www.rapid7.com/globalassets/external/docs/download/Widespread_Vulnerabilities_in_Baseboard_Management_Controllers_FAQ.pdf
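As an added example (not from the original post or from US-CERT), the following sketch audits a server inventory against the network-placement recommendation above: it flags BMCs that sit outside internal networks, BMCs that are internal but on a general-purpose network, and server OS addresses that share the BMC subnet. The network ranges, the CSV columns, the finding names and the sample inventory are all assumptions constructed for illustration.

```python
import csv
import io
import ipaddress

# Assumed site policy (hypothetical values): what counts as "internal", and
# the dedicated subnet(s) where BMC interfaces are supposed to live.
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]
MGMT_NETS = [ipaddress.ip_network("10.20.0.0/24")]

# Constructed sample inventory; hostnames, addresses and columns are illustrative.
INVENTORY = """\
host,bmc_ip,host_ip
db01,10.20.0.11,10.1.4.11
web02,203.0.113.7,10.1.5.20
app03,10.1.5.33,10.1.5.34
old04,10.20.0.40,10.20.0.41
lab05,10.20.0.300,10.1.6.5
"""

def _within(addr, nets):
    return any(addr in net for net in nets)

def audit(inventory_csv, internal_nets=INTERNAL_NETS, mgmt_nets=MGMT_NETS):
    """Return (host, finding) pairs for records whose placement breaks policy."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        try:
            bmc = ipaddress.ip_address(row["bmc_ip"].strip())
            host = ipaddress.ip_address(row["host_ip"].strip())
        except ValueError:
            # An unparseable record cannot be verified, so surface it.
            findings.append((row["host"], "bad-address"))
            continue
        if not _within(bmc, internal_nets):
            # The alert's baseline: IPMI restricted to internal networks.
            findings.append((row["host"], "bmc-not-internal"))
        elif not _within(bmc, mgmt_nets):
            # Internal, but on a general network where worms can reach it.
            findings.append((row["host"], "bmc-outside-mgmt"))
        if _within(host, mgmt_nets):
            # A server OS address in the BMC subnet lets ordinary hosts reach BMCs.
            findings.append((row["host"], "host-in-mgmt"))
    return findings

if __name__ == "__main__":
    for host, finding in audit(INVENTORY):
        print(f"{host}: {finding}")
```

A clean result here only covers network placement; password strength, firmware level and the structural issues listed above still need their own checks.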
