Knowledgebase

Portal Home > Knowledgebase > Articles Database > Making IPMI More Secure

Making IPMI More Secure

Posted by XLT_Frank, 01-22-2011, 10:05 AM

What are some of your methods for making IPMI more secure and invisible to others? Thanks, Frank

---

Posted by PCS-Chris, 01-22-2011, 10:12 AM

Run IPMI on an internal (private) IP instead of a public IP, then VPN to it.

---

Posted by XLT_Frank, 01-22-2011, 10:55 AM

Thanks Chris, so a VPS account with OpenVPN and a private VLAN to that server's port should suffice?

---

Posted by Patrick, 01-22-2011, 01:04 PM

Some security by obscurity doesn't hurt either. Disable the default "admin" or "administrator" account and create something obscure like adm1n007 or whatever comes to mind. Make sure all other accounts are disabled too, I've heard reports of people finding random accounts enabled with SuperMicro IPMI's... also force SSL if you can.

---

Posted by funkywizard, 01-27-2011, 09:52 AM

also disable the guest account. by default it has admin privileges with no password.

---

Posted by p1net, 01-27-2011, 10:43 AM

Most IPMI cards can be setup to only accept connections from particular IP's. That should help improve security if you don't want to go as far as setting up VPN's & private VLANS.

---

Add to Favourites    Print this Article

Managed.com Issues (Views: 782)

Reseller to VPS then maybe dedicated (Views: 645)

Server Complete - MASSIVE downtime (Views: 674)

Surfspeedy down again (Views: 651)

Need info on these Resellers please. (Views: 633)