On Sun, Sep 22, 2013 at 9:21 PM, Jeffrey Walton wrote:

... Painting with a broad brush, part of the solution is a remote administration board that can''t be removed. Cf, Fujitsu LOM (Lights Out Management), HP ILO (Integrated Lights Out) HP RILO (Remote Integrated Lights Out), Compaq RIB (Remote Insight Board), and Dell DRAC (Dell Remote Access Card).

As for who has access, that depends on the quality of the implementations. https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4784.

as an attacker, these are my favorite systems, second only to continuous integration servers. remote access subsystems are hard to upgrade, poorly maintained, and provide exceptional access to hosts and systems. (and in fact, abusing a DRAC to get to the CI to then get keys to the kingdom, is a standard approach once you've got a pivot in network) i cannot count the number of times i've seen insecure configurations deployed, either self signed certs, common passwords, insecure ACLs, or all of the above. i can count the number of times i've seen a properly configured RA system with legit PKI and password management: ZERO! the traditional enterprise network is a soft gooey core with a fig leaf perimeter defense. sad realities...